CNNVD-202601-1153 Information

CNNVD ID

CNNVD-202601-1153

Related CVE

CVE-2025-69255

• CNNVD Published: 2026-01-07

Description (Chinese)

rustfs是RustFS开源的一个高性能对象存储系统。 rustfs 1.0.0-alpha.13版本至1.0.0-alpha.77版本存在安全漏洞，该漏洞源于处理畸形gRPC GetMetrics请求时反序列化失败，可能导致远程拒绝服务。

Description (English)

Rustfs is a high performance object storage system for RustFS open sources. Rustfs 1.0.0-alpha.13 to 1.0.0-alpha.77 have a security loophole, which stems from the failure of the back-sequencing of requests for malformations gRPC GetMetrics and may lead to the remote rejection of services.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

RustFS

Published

2026-01-07

Last Modified

2026-02-24

References

https://github.com/rustfs/rustfs/commit/eb33e82b56ed11fd12bb39416359d8d60737dc7a https://github.com/rustfs/rustfs/security/advisories/GHSA-gw2x-q739-qhcr

Patch

https://rustfs.com/download/