Описание
An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because there is an out-of-bounds read in xcb::xproto::change_property(), as demonstrated by a format=32 T=u8 situation where out-of-bounds bytes are sent to an X server.
Ссылки
- ExploitVendor Advisory
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2021-02-04 (включая)
cpe:2.3:a:xcb_project:xcb:*:*:*:*:*:rust:*:*
EPSS
Процентиль: 66%
0.00504
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-125
Связанные уязвимости
CVSS3: 9.8
ubuntu
почти 5 лет назад
An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because there is an out-of-bounds read in xcb::xproto::change_property(), as demonstrated by a format=32 T=u8 situation where out-of-bounds bytes are sent to an X server.
CVSS3: 9.8
debian
почти 5 лет назад
An issue was discovered in the xcb crate through 2021-02-04 for Rust. ...
EPSS
Процентиль: 66%
0.00504
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-125