GHSA-xm9m-2vj8-fmfr

Опубликовано: 01 сент. 2021

Источник: github

Github: Прошло ревью

CVSS3: 7.5

Описание

Uninitialized memory access in toodee

An issue was discovered in the toodee crate before 0.3.0 for Rust. The row-insertion feature allows attackers to read the contents of uninitialized memory locations.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2021-28029
https://github.com/antonmarsden/toodee/issues/13
https://rustsec.org/advisories/RUSTSEC-2021-0028.html

Пакеты

Наименование

toodee

rust

Затронутые версииВерсия исправления

< 0.3.0

0.3.0

EPSS

Процентиль: 51%

0.00285

Низкий

7.5 High

CVSS3

CVE ID

CVE-2021-28029

Дефекты

CWE-908

Связанные уязвимости

CVE-2021-28029

CVSS3: 7.5

nvd

почти 5 лет назад

An issue was discovered in the toodee crate before 0.3.0 for Rust. The row-insertion feature allows attackers to read the contents of uninitialized memory locations.

EPSS

Процентиль: 51%

0.00285

Низкий

7.5 High

CVSS3

CVE ID

CVE-2021-28029

Дефекты

CWE-908