Описание
A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to (for example) dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations.
Ссылки
- ExploitThird Party Advisory
- Vendor Advisory
- ExploitThird Party Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 0.8.20 (исключая)
cpe:2.3:a:rgb-rust_project:rgb-rust:*:*:*:*:*:*:*:*
EPSS
Процентиль: 51%
0.00282
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-119
Связанные уязвимости
CVSS3: 9.1
ubuntu
больше 5 лет назад
A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to (for example) dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations.
CVSS3: 9.1
debian
больше 5 лет назад
A safety violation was discovered in the rgb crate before 0.8.20 for R ...
EPSS
Процентиль: 51%
0.00282
Низкий
9.1 Critical
CVSS3
6.4 Medium
CVSS2
Дефекты
CWE-119