crates.io package
web-push
pkg:cargo/web-push
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-53604 | Med | 4.0 | < 0.10.4 | 0.10.4 | Jul 5, 2025 | The web-push crate before 0.10.3 for Rust allows a denial of service (memory consumption) in the built-in clients via a large integer in a Content-Length header. |
- affected < 0.10.4fixed 0.10.4
The web-push crate before 0.10.3 for Rust allows a denial of service (memory consumption) in the built-in clients via a large integer in a Content-Length header.