Home > Vulnerability Database > WS-2018-0550

Mend.io Vulnerability Database

WS-2018-0550

Good to know:

Date: September 21, 2018

A potential Denial of Service vulnerability in tokio before version 0.1.10 exists in the read_line function in lines codec, allowing an attacker to send an unbounded amount of data and cause memory exhaustion.

Language: RUST

Severity Score

8.2

Related Resources (3)

Url: https://github.com/tokio-rs/tokio/commit/3dd95a9ff14109f2b27d181960f478ad67c0c1ae

Url: https://github.com/tokio-rs/tokio/pull/632

Url: https://www.mend.io/vulnerability-database/WS-2018-0550

Severity Score

8.2

Weakness Type (CWE)

Code

CWE-17

Top Fix

Upgrade Version

Upgrade to version 0.1.10

Learn More

CVSS v3.1

Base Score:	8.2
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	HIGH
Availability (A):	LOW

Mend.io Vulnerability Database

We found results for “”

WS-2018-0550

Good to know:

Date: September 21, 2018

Language: RUST

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?