AIKIDO-2024-10423

chriskohlhoff.asio is vulnerable to Missing Standardized Error Handling Mechanism

High

chriskohlhoff.asio c++

AIKIDO-2024-10423: chriskohlhoff.asio is vulnerable to Missing Standardized Error Handling Mechanism in versions 1.0.0 - 1.12.2.

Missing Standardized Error Handling Mechanism

Vuln in 1.0.0 - 1.12.2

Fixed in 1.13.0

CVE-2019-25219

TL;DR

Asio C++ Library before version 1.13.0 lacks a fallback error code in the case of SSL_ERROR_SYSCALL with no associated error information from the SSL library being used.

Who does this affect?

You're affected if you are using a version which is within vulnerability ranges.

How can it be fixed?

Upgrade chriskohlhoff.asio library to patch version.

Background info

Link to vendor website

🇪🇺 Grauwpoort 1, 9000 Ghent, Belgium

🇺🇸 95 Third St, 2nd Fl, San Francisco, CA 94103, US

AIKIDO-2024-10423

chriskohlhoff.asio is vulnerable to Missing Standardized Error Handling Mechanism

chriskohlhoff.asio c++

AIKIDO-2024-10423: chriskohlhoff.asio is vulnerable to Missing Standardized Error Handling Mechanism in versions 1.0.0 - 1.12.2.

Don’t be left in the dark