CVE-2020-35861

Опубликовано: 31 дек. 2020

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An issue was discovered in the bumpalo crate before 3.2.1 for Rust. The realloc feature allows the reading of unknown memory. Attackers can potentially read cryptographic keys.

Ссылки

https://rustsec.org/advisories/RUSTSEC-2020-0006.html
Exploit
Patch
Third Party Advisory
https://rustsec.org/advisories/RUSTSEC-2020-0006.html
Exploit
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:bumpalo_project:bumpalo:*:*:*:*:*:rust:*:*

Версия от 3.0.0 (включая) до 3.2.1 (исключая)

EPSS

Процентиль: 51%

0.00285

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

CVE-2020-35861

CVSS3: 7.5

ubuntu

около 5 лет назад

An issue was discovered in the bumpalo crate before 3.2.1 for Rust. The realloc feature allows the reading of unknown memory. Attackers can potentially read cryptographic keys.

CVE-2020-35861

CVSS3: 7.5

debian

около 5 лет назад

An issue was discovered in the bumpalo crate before 3.2.1 for Rust. Th ...

GHSA-vqx7-pw4r-29rr

CVSS3: 7.5

github

больше 4 лет назад

Out of bounds read in bumpalo

EPSS

Процентиль: 51%

0.00285

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-125