CVE-2021-45680

Опубликовано: 27 дек. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An issue was discovered in the vec-const crate before 2.0.0 for Rust. It tries to construct a Vec from a pointer to a const slice, leading to memory corruption.

Ссылки

https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/vec-const/RUSTSEC-2021-0082.md
Third Party Advisory
https://rustsec.org/advisories/RUSTSEC-2021-0082.html
Third Party Advisory
https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/vec-const/RUSTSEC-2021-0082.md
Third Party Advisory
https://rustsec.org/advisories/RUSTSEC-2021-0082.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:vec-const_project:vec-const:*:*:*:*:*:rust:*:*

Версия до 2.0.0 (исключая)

EPSS

Процентиль: 56%

0.00334

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-x76r-966h-5qv9