Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-36323

Опубликовано: 14 апр. 2021
Источник: nvd
CVSS3: 8.2
CVSS2: 6.4
EPSS Низкий

Описание

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:rust-lang:rust:*:*:*:*:*:*:*:*
Версия до 1.52.0 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

EPSS

Процентиль: 71%
0.00709
Низкий

8.2 High

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-134

Связанные уязвимости

ubuntu логотип

CVE-2020-36323

CVSS3: 8.2
ubuntu
больше 4 лет назад

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.

redhat логотип

CVE-2020-36323

CVSS3: 8.2
redhat
больше 4 лет назад

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.

msrc логотип

CVE-2020-36323

CVSS3: 8.2
msrc
больше 4 лет назад

Описание отсутствует

debian логотип

CVE-2020-36323

CVSS3: 8.2
debian
больше 4 лет назад

In the standard library in Rust before 1.52.0, there is an optimizatio ...

github логотип

GHSA-9v8g-q8xx-7374

CVSS3: 8.2
github
около 3 лет назад

In the standard library in Rust before 1.50.3, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.

EPSS

Процентиль: 71%
0.00709
Низкий

8.2 High

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-134