Description
stellar-xdr is a library and CLI containing types and functionality for working with Stellar XDR. Prior to version 25.0.1, StringM::from_str does not validate that the input length is within the declared maximum (MAX). Calling StringM::<N>::from_str(s) where s is longer than N bytes succeeds and returns an Ok value instead of Err(Error::LengthExceedsMax), producing a StringM that violates its length invariant. This affects any code that constructs StringM values from string input using FromStr (including str::parse), and relies on the type's maximum length constraint being enforced. An oversized StringM could propagate through serialization, validation, or other logic that assumes the invariant holds. This issue has been patched in version 25.0.1.
Published: 2026-03-06
Score: 4 (Medium)
EPSS: < 1% (Very Low)
KEV: No
Impact: Integrity (Invariant Violation)
Action: Patch Now
AI Analysis

Impact

StringM::from_str in the Stellar XDR library does not enforce the declared maximum length when constructing a StringM value. If an input string exceeds the allowed size, the function erroneously returns a successful result and produces a StringM that violates its length invariant. This flaw can allow callers to create malformed XDR structures that may bypass downstream validation, serialization, or other logic that assumes the invariant holds, potentially leading to logical inconsistencies, denial of service, or other integrity problems.

Affected Systems

The vulnerability affects the Stellar rs-stellar-xdr library and CLI up to and including version 25.0.0. Systems that use this library to parse or construct XDR messages, such as Stellar network nodes, client libraries, or any application that depends on rs-stellar-xdr, are impacted.

Risk and Exploitability

The CVSS score is 4.0, reflecting moderate severity. The EPSS score is below 1% and the issue is not listed in the CISA KEV catalog, indicating a low likelihood of active exploitation at present. However, because the flaw enables the creation of oversized StringM objects that can mislead downstream code, an attacker with the ability to supply crafted input, whether locally or remotely via an application that parses untrusted XDR, could exploit the weakness. The attack would involve feeding an oversized string to StringM::<N>::from_str or str::parse, which the affected library accepts without error. Since the flaw lies in the library itself and does not require additional conditions, its exploitability depends only on whether the vulnerable code path is invoked.

Generated by OpenCVE AI on April 16, 2026 at 11:12 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update to rs-stellar-xdr 25.0.1 or newer, which includes the change to enforce max length validation.
  • Identify any custom parsing or direct use of StringM::from_str / str::parse in your codebase and validate the length of the input before calling the function, or replace these calls with safe alternatives that perform length checks.
  • Review serialization and validation logic that consumes StringM values to ensure it properly handles unexpected length values and implements defensive checks against potential invariant violations.
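As an added illustration (not rs-stellar-xdr's own code), the following Rust models the defect and its fix on a stand-in type: an unchecked FromStr-style path that returns Ok for oversized input, the corrected FromStr that routes through the length-checked constructor so that str::parse enforces MAX, and the defensive invariant check the last recommended action asks consumers to apply to values whose origin they cannot trust. The names BoundedString, try_from_bytes, unchecked_from_str and invariant_holds, and the sample inputs, are assumptions.

```rust
use std::str::FromStr;

/// Constructed stand-in for a length-bounded XDR string; not rs-stellar-xdr's StringM.
#[derive(Debug, Clone, PartialEq, Eq)]
pub struct BoundedString<const MAX: u32>(Vec<u8>);

/// Constructed error type mirroring the LengthExceedsMax variant named in the advisory.
#[derive(Debug, Clone, PartialEq, Eq)]
pub enum Error {
    LengthExceedsMax,
}

impl<const MAX: u32> BoundedString<MAX> {
    /// The one checked constructor; every conversion path must go through it.
    pub fn try_from_bytes(bytes: Vec<u8>) -> Result<Self, Error> {
        if bytes.len() > MAX as usize {
            return Err(Error::LengthExceedsMax);
        }
        Ok(Self(bytes))
    }

    /// Defensive check for consumers that cannot trust how a value was built
    /// (e.g. one produced by a library version that skipped validation).
    pub fn invariant_holds(&self) -> bool {
        self.0.len() <= MAX as usize
    }
}

/// Vulnerable pattern: builds the value directly and never consults MAX,
/// so an oversized input is returned as Ok, exactly the defect described above.
pub fn unchecked_from_str<const MAX: u32>(s: &str) -> Result<BoundedString<MAX>, Error> {
    Ok(BoundedString(s.as_bytes().to_vec()))
}

/// Fixed pattern: FromStr (and therefore str::parse) delegates to the checked constructor.
impl<const MAX: u32> FromStr for BoundedString<MAX> {
    type Err = Error;
    fn from_str(s: &str) -> Result<Self, Error> {
        Self::try_from_bytes(s.as_bytes().to_vec())
    }
}

fn main() {
    // Constructed 5-byte input against a 4-byte bound.
    let fixed: Result<BoundedString<4>, Error> = "abcde".parse();
    let unchecked = unchecked_from_str::<4>("abcde").unwrap();
    println!("fixed path: {:?}", fixed);
    println!("unchecked path invariant holds: {}", unchecked.invariant_holds());
}
```

The bound is in bytes, as the advisory states, so multi-byte UTF-8 input is measured after encoding rather than by character count.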



Advisories

  • Source: GitHub GHSA
  • ID: GHSA-x57h-xx53-v53w
  • Title: stellar-xdr's StringM::from_str bypasses max length validation
History

Wed, 18 Mar 2026 19:00:00 +0000

Values added:
  • First Time appeared: Stellar stellar-xdr
  • CPEs: cpe:2.3:a:stellar:stellar-xdr:*:*:*:*:*:rust:*:*
  • Vendors & Products: Stellar stellar-xdr

Mon, 09 Mar 2026 21:15:00 +0000

Values added:
  • Metrics (ssvc): {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 09 Mar 2026 10:15:00 +0000

Values added:
  • First Time appeared: Stellar; Stellar rs-stellar-xdr
  • Vendors & Products: Stellar; Stellar rs-stellar-xdr

Fri, 06 Mar 2026 21:00:00 +0000

Values added:
  • Description: the advisory text shown in the Description section above
  • Title: stellar-xdr: `StringM::from_str` bypasses max length validation
  • Weaknesses: CWE-770
  • References: (none listed)
  • Metrics (cvssV3_1): {'score': 4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N'}

MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-03-09T20:54:30.156Z

Reserved: 2026-03-04T16:26:02.900Z

Link: CVE-2026-29795

Vulnrichment

Updated: 2026-03-09T20:51:40.327Z

NVD

Status: Analyzed

Published: 2026-03-06T21:16:15.950

Modified: 2026-03-18T18:46:06.590

Link: CVE-2026-29795

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-16T11:15:27Z

Weaknesses