VYPR
Medium severity4.0GHSA Advisory· Published Jul 5, 2025· Updated Apr 15, 2026

CVE-2025-53604

CVE-2025-53604

Description

The web-push crate before 0.10.3 for Rust allows a denial of service (memory consumption) in the built-in clients via a large integer in a Content-Length header.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
web-pushcrates.io
< 0.10.40.10.4

Affected products

2

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.