The crash is fixed in version **0.4.3** of Rulex. Affected users are advised to update to this version.
The crashes are fixed in version **0.4.3** of Rulex. Affected users are advised to update to this version.
It is possible to provide data to be read that leads the reader to loop in cycles endlessly, consuming CPU. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 (previously known as avro-rs).
It is possible for a Reader to consume memory beyond the allowed constraints and thus lead to an out-of-memory condition on the system. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0.
It is possible to crash (panic) an application by providing corrupted data to be read. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 (previously known as avro-rs).
Rust-WebSocket is a WebSocket (RFC6455) library written in Rust. In versions prior to 0.26.5, untrusted websocket connections can cause an out-of-memory (OOM) process abort in a client or a server. The root cause of the issue lies in dataframe parsing. Affected versions would allocate a buffer based on the declared dataframe size, which may come from an untrusted source.
Six-library is a software library published by the US government's National Geospatial-Intelligence Agency (NGA). The six-library is designed to parse and manipulate satellite imagery and data for both internal and public use.
H2O is an open source HTTP server written in C. H2O is known for its ability to deliver quicker responses to users with less CPU utilization than older generations of web servers.
sthttpd is an open source web server designed for simplicity, a small execution footprint and speed.