CNNVD-202507-523 Information

CNNVD ID

CNNVD-202507-523

Related CVE

CVE-2025-53604

• CNNVD Published: 2025-07-04

Description (Chinese)

web-push crate是Julius de Bruijn个人开发者的一个Rust的库。 web-push crate 0.10.3之前版本存在安全漏洞，该漏洞源于Content-Length标头中的大整数可能导致拒绝服务。

Description (English)

Web-push crate is a Rust bank of Julius de Bruijn’s personal developer. There was a security loophole in the pre-web-push crate version of 0.103, which originated from the large integer in the Content-Length marker that could lead to the denial of services.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Live Support

Published

2025-07-04

Last Modified

2026-02-24

References

https://nvd.nist.gov/vuln/detail/CVE-2025-53604 https://access.redhat.com/security/cve/cve-2025-53604

Patch

https://crates.io/crates/web-push