CVE-2020-36464

Опубликовано: 08 авг. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An issue was discovered in the heapless crate before 0.6.1 for Rust. The IntoIter Clone implementation clones an entire underlying Vec without considering whether it has already been partially consumed.

Ссылки

https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/heapless/RUSTSEC-2020-0145.md
Third Party Advisory
https://rustsec.org/advisories/RUSTSEC-2020-0145.html
Exploit
Issue Tracking
Patch
Third Party Advisory
https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/heapless/RUSTSEC-2020-0145.md
Third Party Advisory
https://rustsec.org/advisories/RUSTSEC-2020-0145.html
Exploit
Issue Tracking
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:heapless_project:heapless:*:*:*:*:*:rust:*:*

Версия до 0.6.1 (исключая)

EPSS

Процентиль: 60%

0.00403

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-416

Связанные уязвимости

GHSA-qgwf-r2jj-2ccv