Описание
Rust Failure Crate Vulnerable to Type confusion
Safe Rust code can implement malfunctioning __private_get_type_id__ and cause type confusion when downcasting, which is an undefined behavior.
Users who derive Fail trait are not affected.
Пакеты
Наименование
failure
rust
Затронутые версииВерсия исправления
<= 0.1.8
Отсутствует
Связанные уязвимости
CVSS3: 9.8
ubuntu
около 5 лет назад
An issue was discovered in the failure crate through 2019-11-13 for Rust. Type confusion can occur when __private_get_type_id__ is overridden.
CVSS3: 9.8
nvd
около 5 лет назад
An issue was discovered in the failure crate through 2019-11-13 for Rust. Type confusion can occur when __private_get_type_id__ is overridden.
CVSS3: 9.8
debian
около 5 лет назад
An issue was discovered in the failure crate through 2019-11-13 for Ru ...