/
DirectorySecurity Advisories
Sign In
Security Advisories

CGA-xgj3-59jf-r6pf

Published

Last updated

https://images.chainguard.dev/security/CGA-xgj3-59jf-r6pf
Package

ztunnel-fips-1.25

Repository

Chainguard

Latest Update
Pending upstream fix
Aliases
  • GHSA-2gh3-rmm4-6rq5

Severity

Unknown

Summary

Crash due to uncontrolled recursion in protobuf crate

Description

Affected version of this crate did not properly parse unknown fields when parsing a user-supplied input.

This allows an attacker to cause a stack overflow when parsing the message on untrusted data.

References

Updates


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Products

Chainguard ContainersChainguard LibrariesChainguard VMs