Описание
Use After Free in rusqlite
An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. create_scalar_function has a use-after-free.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2021-45713
- https://github.com/rusqlite/rusqlite/issues/1048
- https://github.com/rusqlite/rusqlite/pull/1049
- https://github.com/rusqlite/rusqlite/commit/30f8c8c502675011603c4d066396bf317fd49e71
- https://github.com/rusqlite/rusqlite/commit/612158507e90f41d409cd0fa80eb21c992b1bc08
- https://github.com/rusqlite/rusqlite/commit/934e0c709e156753881da98b32e9853f9ffe4a1b
- https://github.com/rusqlite/rusqlite/commit/f4f95f8caf9fd53bffd0c19530be2484c644cc16
- https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/rusqlite/RUSTSEC-2021-0128.md
- https://rustsec.org/advisories/RUSTSEC-2021-0128.html
Пакеты
Наименование
rusqlite
rust
Затронутые версииВерсия исправления
>= 0.25.0, < 0.25.4
0.25.4
Наименование
rusqlite
rust
Затронутые версииВерсия исправления
>= 0.26.0, < 0.26.2
0.26.2
Связанные уязвимости
CVSS3: 7.5
nvd
около 4 лет назад
An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. create_scalar_function has a use-after-free.