Описание
Double free in algorithmica
An issue was discovered in the algorithmica crate through 2021-03-07 for Rust. In the affected versions of this crate, merge_sort::merge() wildly duplicates and drops ownership of T without guarding against double-free. Due to such implementation, simply invoking merge_sort::merge() on Vec<T: Drop> can cause double free bugs.
Пакеты
Наименование
algorithmica
rust
Затронутые версииВерсия исправления
<= 0.1.8
Отсутствует
Связанные уязвимости
CVSS3: 7.5
nvd
почти 5 лет назад
An issue was discovered in the algorithmica crate through 2021-03-07 for Rust. There is a double free in merge_sort::merge().