CVE-2024-58265
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-07-27
Last updated on: 2025-08-07
Assigner: MITRE
Description
Description
The snow crate before 0.9.5 for Rust, when stateful TransportState is used, allows incrementing a nonce and thereby denying message delivery.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mcginty | snow | to 0.9.5 (exc) |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-642 | The product stores security-critical state information about its users, or the product itself, in a location that is accessible to unauthorized actors. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the snow crate for Rust versions before 0.9.5. When using the stateful TransportState, it allows an attacker to increment a nonce, which can lead to denial of message delivery.
How can this vulnerability impact me? :
The vulnerability can impact you by causing denial of message delivery, meaning that messages may not be delivered as intended due to the nonce being incremented improperly.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70