Primary

Context

Buffered-Reader Crate Out-of-Bounds Access Vulnerability Allowing Denial-of-Service

Vulnerability

A denial-of-service vulnerability has been identified in the buffered-reader crate for Rust, affecting versions prior to 1.0.2 and 1.1.0 through 1.1.5. The issue arises from a bug that allows attacker-controlled input to access arrays out of bounds. While Rust's safety mechanisms detect this and cause a panic, the vulnerability can still be exploited to disrupt the application's normal operation. Notably, this out-of-bounds access does not permit reading from or writing to the application's memory space.

Impact

Exploitation of this vulnerability leads to a panic in the application, causing it to crash. This behavior can be leveraged to create a denial-of-service condition, where the application becomes unresponsive or unavailable.

Remediation

Users can upgrade to buffered-reader versions 1.0.2, 1.1.5, or 1.2.0 to address this vulnerability.

Added: Jul 28, 2025, 3:20 AM

Updated: Jul 28, 2025, 4:21 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

7.7

relevance

0.3

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Buffered-Reader Crate Out-of-Bounds Access Vulnerability Allowing Denial-of-Service

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating