CNNVD-202510-2111 Information
CNNVD ID
CNNVD-202510-2111
Related CVE
- CNNVD Published: 2025-10-15
Description (Chinese)
Alloy是Alloy开源的一个Rust中的库。 Alloy 0.8.26之前版本和1.4.1之前版本存在安全漏洞,该漏洞源于alloy_dyn_abi::TypedData对畸形输入处理不当,可能导致拒绝服务攻击。
Description (English)
Alloy is a library in Rust, the open source of Alloy. Prior to Alloy 0.8.26 and before 1.4.1, there was a security loophole, which arose from aloy dyn abi:: TypedData ’ s inappropriate handling of abnormal input, which could lead to a denial of service attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Alloy
Published
2025-10-15
Last Modified
2026-02-24
References
https://crates.io/crates/alloy-dyn-abi/1.4.1 https://crates.io/crates/alloy-dyn-abi/0.8.26 https://github.com/alloy-rs/core/commit/7823e9af8c20e9fcfb5360f5eafd891c457ebccf https://rustsec.org/advisories/RUSTSEC-2025-0073.html https://github.com/alloy-rs/core/security/advisories/GHSA-pgp9-98jm-wwq2 https://access.redhat.com/security/cve/cve-2025-62370
Patch
https://github.com/alloy-rs/core/releases
Share on: