CNNVD-202602-956 Information

CNNVD ID

CNNVD-202602-956

Related CVE

CVE-2026-25727

• CNNVD Published: 2026-02-06

Description (Chinese)

time是Time开源的一个Rust中的日期和时间处理包。 time 0.3.6至0.3.47之前版本存在安全漏洞，该漏洞源于当用户提供的输入提供给任何使用RFC 2822格式解析的类型时，可能通过堆栈耗尽导致拒绝服务攻击。

Description (English)

Time is a date and time-processing package in a Rust from Time Open Source. The security loophole in the pre-versions 0.3.6 to 0.3.47 arises from the possibility of a denial of service attack through stack depletion when the user provides input to any type of resolution using the RFC 2822 format.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Time

Published

2026-02-06

Last Modified

2026-02-24

References

https://github.com/time-rs/time/blob/main/CHANGELOG.md#0347-2026-02-05 https://github.com/time-rs/time/commit/1c63dc7985b8fa26bd8c689423cc56b7a03841ee https://github.com/time-rs/time/releases/tag/v0.3.47 https://github.com/time-rs/time/security/advisories/GHSA-r6v5-fh4h-64xc

Patch

https://github.com/time-rs/time/releases