Описание
An issue was discovered in the raw-cpuid crate before 9.1.1 for Rust. If the serialize feature is used (which is not the the default), a Deserialize operation may lack sufficient validation, leading to memory corruption or a panic.
Ссылки
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 9.1.1 (исключая)
cpe:2.3:a:raw-cpuid_project:raw-cpuid:*:*:*:*:*:rust:*:*
EPSS
Процентиль: 62%
0.00433
Низкий
9.8 Critical
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-20
Связанные уязвимости
EPSS
Процентиль: 62%
0.00433
Низкий
9.8 Critical
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-20