CVE-2020-25576

Опубликовано: 14 сент. 2020

Источник: debian

EPSS Низкий

Описание

An issue was discovered in the rand_core crate before 0.4.2 for Rust. Casting of byte slices to integer slices mishandles alignment constraints.

Пакет	Статус	Версия исправления	Релиз	Тип
rust-rand-core	fixed	0.5.0-1		package
rust-rand-core	ignored		buster	package
rust-rand-core-0.3	removed			package
rust-rand-core-0.2	removed			package
rust-rand-core-0.2	ignored		buster	package

https://rustsec.org/advisories/RUSTSEC-2019-0035.html
https://github.com/rust-random/rand/blob/master/rand_core/CHANGELOG.md#050---2019-06-06

EPSS

Процентиль: 67%

0.00544

Низкий

CVE-2020-25576

CVSS3: 9.8

ubuntu

больше 5 лет назад

An issue was discovered in the rand_core crate before 0.4.2 for Rust. Casting of byte slices to integer slices mishandles alignment constraints.

CVE-2020-25576

CVSS3: 9.8

nvd

больше 5 лет назад

An issue was discovered in the rand_core crate before 0.4.2 for Rust. Casting of byte slices to integer slices mishandles alignment constraints.

CVE-2020-25576

CVSS3: 9.8

msrc

больше 1 года назад

Описание отсутствует

GHSA-mmc9-pwm7-qj5w

CVSS3: 9.8

github

больше 4 лет назад

Unaligned memory access in rand_core

EPSS

Процентиль: 67%

0.00544

Низкий