CVE-2020-35861

Опубликовано: 31 дек. 2020

Источник: debian

EPSS Низкий

Описание

An issue was discovered in the bumpalo crate before 3.2.1 for Rust. The realloc feature allows the reading of unknown memory. Attackers can potentially read cryptographic keys.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
rust-bumpalo	fixed	3.2.1-1		package

Примечания

https://rustsec.org/advisories/RUSTSEC-2020-0006.html
https://github.com/fitzgen/bumpalo/issues/69

EPSS

Процентиль: 51%

0.00285

Низкий

Связанные уязвимости

CVE-2020-35861

CVSS3: 7.5

ubuntu

около 5 лет назад

An issue was discovered in the bumpalo crate before 3.2.1 for Rust. The realloc feature allows the reading of unknown memory. Attackers can potentially read cryptographic keys.

CVE-2020-35861

CVSS3: 7.5

nvd

около 5 лет назад

An issue was discovered in the bumpalo crate before 3.2.1 for Rust. The realloc feature allows the reading of unknown memory. Attackers can potentially read cryptographic keys.

GHSA-vqx7-pw4r-29rr

CVSS3: 7.5

github

больше 4 лет назад

Out of bounds read in bumpalo

EPSS

Процентиль: 51%

0.00285

Низкий