CVE-2024-44073
19.08.2024, 03:15
The Miniscript (aka rust-miniscript) library before 12.2.0 for Rust allows stack consumption because it does not properly track tree depth.Enginsight
| Vendor | Product | Version |
|---|---|---|
| rust-bitcoin | miniscript | 𝑥 < 12.2.0 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-787 - Out-of-bounds WriteThe software writes data past the end, or before the beginning, of the intended buffer.
- CWE-674 - Uncontrolled RecursionThe product does not properly control the amount of recursion which takes place, consuming excessive resources, such as allocated memory or the program stack.