Описание
Apache Avro Rust SDK corrupted data read can cause crash
It is possible to crash (panic) an application by providing a corrupted data to be read. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which addresses this issue.
Пакеты
Наименование
apache-avro
rust
Затронутые версииВерсия исправления
< 0.14.0
0.14.0
Связанные уязвимости
CVSS3: 7.5
nvd
больше 3 лет назад
It is possible to crash (panic) an application by providing a corrupted data to be read. This issue affects Rust applications using Apache Avro Rust SDK prior to 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which addresses this issue.