Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.Test your applications
- Snyk ID SNYK-RUST-TSSESAPI-2929010
- published 17 Jun 2022
- disclosed 17 Jun 2022
- credit Unknown
Introduced: 17 Jun 2022CVE NOT AVAILABLE CWE-416 Open this link in a new tab
How to fix?
tss-esapi to version 6.1.2, 7.1.0 or higher.
tss-esapi is a high-level, Rust idiomatic wrapper crate that exposes an interface to TSS.
Affected versions of this package are vulnerable to Use After Free in the function
This issue only applies to applications starting authorization sessions using an explicit initial