CVE-2021-25900

Опубликовано: 26 янв. 2021

Источник: debian

Описание

An issue was discovered in the smallvec crate before 0.6.14 and 1.x before 1.6.1 for Rust. There is a heap-based buffer overflow in SmallVec::insert_many.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
rust-smallvec	fixed	1.4.2-2		package
rust-smallvec	no-dsa		buster	package

Примечания

https://rustsec.org/advisories/RUSTSEC-2021-0003.html
https://github.com/servo/rust-smallvec/issues/252

Связанные уязвимости

CVE-2021-25900

CVSS3: 9.8

ubuntu

около 5 лет назад

An issue was discovered in the smallvec crate before 0.6.14 and 1.x before 1.6.1 for Rust. There is a heap-based buffer overflow in SmallVec::insert_many.

CVE-2021-25900

CVSS3: 9.8

nvd

около 5 лет назад

An issue was discovered in the smallvec crate before 0.6.14 and 1.x before 1.6.1 for Rust. There is a heap-based buffer overflow in SmallVec::insert_many.

openSUSE-SU-2021:0634-1

suse-cvrf

почти 5 лет назад

Security update for librsvg

SUSE-SU-2021:1408-1

suse-cvrf

почти 5 лет назад

Security update for librsvg

GHSA-43w2-9j62-hq99

CVSS3: 9.8

github

больше 3 лет назад

Buffer overflow in SmallVec::insert_many