CVE-2019-15541

NONE EPSS 80.6%
Published Aug 26, 20196y ago · Modified Jun 17, 20262w ago
Find Similar
Published Aug 26, 2019 6y ago
Last Modified Jun 17, 2026 2w ago

Description

rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to cause a denial of service (loop of conn_event and ready) by arranging for a client to never be writable.

Threat Intelligence

EPSS Exploit Probability
80.6% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-88

Affected Products 1

VendorProductVersionRange
rustls_projectrustls* <0.16.0

References 3

  • github.com https://github.com/ctz/rustls/commit/a93ee1abd2ab19ebe4bf9d684d56637ee54a6074
    PatchThird Party Advisory
  • github.com https://github.com/ctz/rustls/compare/cd66549...17ee52c
    Release NotesThird Party Advisory
  • github.com https://github.com/ctz/rustls/issues/285
    ExploitIssue TrackingThird Party Advisory

Remediation

  • github.com https://github.com/ctz/rustls/commit/a93ee1abd2ab19ebe4bf9d684d56637ee54a6074
    PatchThird Party Advisory