Описание
An issue was discovered in the libflate crate before 0.1.25 for Rust. MultiDecoder::read has a use-after-free, leading to arbitrary code execution.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| rust-libflate | fixed | 0.1.25-1 | package | |
| rust-libflate | no-dsa | buster | package |
Примечания
https://github.com/sile/libflate/issues/35
https://rustsec.org/advisories/RUSTSEC-2019-0010.html
EPSS
Процентиль: 82%
0.01748
Низкий
Связанные уязвимости
CVSS3: 9.8
ubuntu
больше 6 лет назад
An issue was discovered in the libflate crate before 0.1.25 for Rust. MultiDecoder::read has a use-after-free, leading to arbitrary code execution.
CVSS3: 9.8
nvd
больше 6 лет назад
An issue was discovered in the libflate crate before 0.1.25 for Rust. MultiDecoder::read has a use-after-free, leading to arbitrary code execution.
EPSS
Процентиль: 82%
0.01748
Низкий