GHSA-9wgh-vjj7-7433

Опубликовано: 25 авг. 2021

Источник: github

Github: Прошло ревью

CVSS3: 5.5

Описание

Mutable reference with immutable provenance in image

A mutable reference to a struct was constructed by dereferencing a pointer obtained from slice::as_ptr. Instead, slice::as_mut_ptr should have been called on the mutable slice argument. The former performs an implicit reborrow as an immutable shared reference which does not allow writing through the derived pointer.

Ссылки

Пакеты

Наименование

image

rust

Затронутые версииВерсия исправления

< 0.23.12

0.23.12

EPSS

Процентиль: 17%

0.00054

Низкий

5.5 Medium

CVSS3

CVE ID

CVE-2020-35916

Дефекты

CWE-400

Связанные уязвимости

CVE-2020-35916

CVSS3: 5.5

ubuntu

около 5 лет назад

An issue was discovered in the image crate before 0.23.12 for Rust. A Mutable reference has immutable provenance. (In the case of LLVM, the IR may be always correct.)

CVE-2020-35916

CVSS3: 5.5

nvd

около 5 лет назад

An issue was discovered in the image crate before 0.23.12 for Rust. A Mutable reference has immutable provenance. (In the case of LLVM, the IR may be always correct.)

CVE-2020-35916

CVSS3: 5.5

debian

около 5 лет назад

An issue was discovered in the image crate before 0.23.12 for Rust. A ...

EPSS

Процентиль: 17%

0.00054

Низкий

5.5 Medium

CVSS3

CVE ID

CVE-2020-35916

Дефекты

CWE-400