VDB
GHSA-8qv2-5vq6-g2g7
GHSA-8qv2-5vq6-g2g7
PUBLISHED
CVSS 7.5 HIGH
webpki: CPU denial of service in certificate path building
Risk Scores
CVSS 3.0
7.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| crates.io | webpki | 0, 0, 0 |
Timeline
- Aug 25, 2023 CVE Published
- Sep 6, 2023 CVE Updated
References
- https://github.com/briansmith/webpki product
- https://github.com/crypto-com/sgx-vendor url
- https://rustsec.org/advisories/RUSTSEC-2023-0052.html url
- GitHub Advisory GHSA-8qv2-5vq6-g2g7 vendor-advisory
- https://github.com/briansmith/webpki/issues/69 url
- https://github.com/briansmith/webpki/issues/69#issuecomment-1699894848 url
- https://github.com/briansmith/webpki/commit/30a108e0802fd09585e0d071013f24b8272d139b url