Unknown · Tokio-Boring · CVE-2023-6180
**Name of the Vulnerable Software and Affected Versions**
tokio-boring version 4.0.0
**Description**
The issue is related to a memory leak that can cause excessive resource consumption and potentially lead to a Denial of Service (DoS) by resource exhaustion. This occurs because the `set ex data` function, used by the library, fails to deallocate memory used by pre-existing data after completing a TLS connection, resulting in increased resource consumption with each new connection.
**Recommendations**
For tokio-boring version 4.0.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.