The bzip2 crate prior to 0.4.4 for Rust allow malicious users to cause a denial of service via a large file that triggers an integer overflow in mem.rs. NOTE: this is unrelated to the crates.io/crates/bzip2-rs product.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bzip2 project bzip2 |