Описание
An issue was discovered in the diesel crate before 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3_column_name are not followed.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| rust-diesel | fixed | 2.0.3-1 | package |
Примечания
https://rustsec.org/advisories/RUSTSEC-2021-0037.html
Связанные уязвимости
CVSS3: 9.8
ubuntu
почти 5 лет назад
An issue was discovered in the diesel crate before 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3_column_name are not followed.
CVSS3: 9.8
nvd
почти 5 лет назад
An issue was discovered in the diesel crate before 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3_column_name are not followed.
CVSS3: 9.8
github
больше 3 лет назад
Fix a use-after-free bug in diesels Sqlite backend