CVE-2024-44073
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Aug 19, 2024
CWE ID 787
Summary
CVE-2024-44073 is a newly disclosed vulnerability affecting the Miniscript library, specifically versions before 12.2.0, used in Rust programming. This issue arises due to the library's inability to adequately manage tree depth, leading to stack consumption. Attackers could potentially exploit this vulnerability by constructing maliciously crafted inputs, resulting in denial-of-service (DoS) attacks or even arbitrary code execution in certain contexts. Developers are urged to update to the latest version of the library to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share