CVE-2021-45681

Опубликовано: 27 дек. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An issue was discovered in the derive-com-impl crate before 0.1.2 for Rust. An invalid reference (and memory corruption) can occur because AddRef might not be called before returning a pointer.

Ссылки

https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/derive-com-impl/RUSTSEC-2021-0083.md
Third Party Advisory
https://rustsec.org/advisories/RUSTSEC-2021-0083.html
Third Party Advisory
https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/derive-com-impl/RUSTSEC-2021-0083.md
Third Party Advisory
https://rustsec.org/advisories/RUSTSEC-2021-0083.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:derive-com-impl_project:derive-com-impl:*:*:*:*:*:rust:*:*

Версия до 0.1.2 (исключая)

EPSS

Процентиль: 56%

0.00334

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-w4cc-pc2h-whcj