VYPR
High severity7.5NVD Advisory· Published Sep 21, 2023· Updated Jun 17, 2026

CVE-2023-43669

CVE-2023-43669

Description

The Tungstenite crate before 0.20.1 for Rust allows remote attackers to cause a denial of service (minutes of CPU consumption) via an excessive length of an HTTP header in a client handshake. The length affects both how many times a parse is attempted (e.g., thousands of times) and the average amount of data for each parse attempt (e.g., millions of bytes).

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
tungstenitecrates.io
< 0.20.10.20.1

Affected products

4

Patches

Vulnerability mechanics

References

21

News mentions

0

No linked articles in our index yet.