摘要:
The bzip2 crate before 0.4.4 for Rust allow attackers to cause a denial of service via a large file that triggers an integer overflow in mem.rs. NOTE: this is unrelated to the https://crates.io/crates/bzip2-rs product.
安全等级: Low
公告ID: KylinSec-SA-2023-1038
发布日期: 2023年2月6日
关联CVE: CVE-2023-22895
The bzip2 crate before 0.4.4 for Rust allow attackers to cause a denial of service via a large file that triggers an integer overflow in mem.rs. NOTE: this is unrelated to the https://crates.io/crates/bzip2-rs product.
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2023-22895 | KY3.4-4A | bzip2 | Unaffected |
| CVE-2023-22895 | KY3.4-5A | bzip2 | Unaffected |
| CVE-2023-22895 | KY3.5.1 | bzip2 | Unaffected |
| CVE-2023-22895 | KY3.5.2 | bzip2 | Unaffected |
