/
DirectorySecurity Advisories
Sign In
Security Advisories

CGA-rfq8-w443-h236

Published

Last updated

https://images.chainguard.dev/security/CGA-rfq8-w443-h236
Package

ztunnel-fips-1.24

Repository

Chainguard

Latest Update
Pending upstream fix
Aliases
  • GHSA-2gh3-rmm4-6rq5

Severity

Unknown

Summary

Crash due to uncontrolled recursion in protobuf crate

Description

Affected version of this crate did not properly parse unknown fields when parsing a user-supplied input.

This allows an attacker to cause a stack overflow when parsing the message on untrusted data.

References

Updates


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Products

Chainguard ContainersChainguard LibrariesChainguard VMs