AIKIDO-2024-10444
rustybuzz is vulnerable to Integer Overflow
15
Low
rustybuzz rust
AIKIDO-2024-10444: rustybuzz is vulnerable to Integer Overflow in versions 0.7.0 - 0.20.0.
Integer Overflow
Vuln in 0.7.0 - 0.20.0
Fixed in 0.20.1
No CVE available
TL;DR
Affected versions of the package are vulnerable to an integer overflow, which may lead to crashes or denial of service (DoS).
Who does this affect?
You're affected if you are using a version which is within vulnerability ranges.
How can it be fixed?
Upgrade rustybuzz library to patch version.
Background info
Don’t be left in the dark
With in-house intel and access to top vulnerability databases, see it all with Aikido.
© 2024 Aikido Security BV | BE0792914919
🇪🇺 Grauwpoort 1, 9000 Ghent, Belgium
🇺🇸 95 Third St, 2nd Fl, San Francisco, CA 94103, US