AikidoSec · kapyteinaikido · Oct 2, 2025 · Sep 25, 2025 · Oct 2, 2025
diff --git a/vulnerabilities/AIKIDO-2025-10659.json b/vulnerabilities/AIKIDO-2025-10659.json
@@ -0,0 +1,26 @@
+{
+  "package_name": "parse_datetime",
+  "patch_versions": [
+    "0.12.0"
+  ],
+  "vulnerable_ranges": [
+    [
+      "0.10.0",
+      "0.11.0"
+    ]
+  ],
+  "cwe": [
+    "CWE-190"
+  ],
+  "tldr": "Affected versions of this package are vulnerable to an integer overflow in the date calculation functions, where the old code performed unchecked multiplication, which could result in a panic on overflow. The patched code introduces a safe check to prevent this. An attacker could exploit this by supplying a huge `multiplier` value that causes an integer overflow, triggering a panic and resulting in a denial-of-service condition.",
+  "doest_this_affect_me": "You are affected if you are using a version that falls within the vulnerable range.",
+  "how_to_fix": "Upgrade the `parse_datetime` library to the patch version.",
+  "vulnerable_to": "Integer Overflow or Wraparound",
+  "related_cve_id": "",
+  "language": "Rust",
+  "severity_class": "LOW",
+  "aikido_score": 15,
+  "changelog": "https://github.com/uutils/parse_datetime/releases/tag/v0.12.0",
+  "last_modified": "2025-10-02",
+  "published": "2025-10-02"
+}