Skip to main content

CVE-2025-53604: CWE-130 Improper Handling of Length Parameter Inconsistency in pimeys web-push

Medium
VulnerabilityCVE-2025-53604cvecve-2025-53604cwe-130
Published: Sat Jul 05 2025 (07/05/2025, 00:00:00 UTC)
Source: CVE Database V5
Vendor/Project: pimeys
Product: web-push

Description

The web-push crate before 0.10.3 for Rust allows a denial of service (memory consumption) in the built-in clients via a large integer in a Content-Length header.

Technical Details

Data Version
5.1
Assigner Short Name
mitre
Date Reserved
2025-07-05T00:00:00.000Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 686877c46f40f0eb72a47d6b

Added to database: 7/5/2025, 12:54:28 AM

Last updated: 7/5/2025, 12:54:28 AM

Views: 1

Actions

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats