CVE-2021-45695

Опубликовано: 27 дек. 2021

Источник: nvd

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

An issue was discovered in the mopa crate through 2021-06-01 for Rust. It incorrectly relies on Trait memory layout, possibly leading to future occurrences of arbitrary code execution or ASLR bypass.

Ссылки

https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/mopa/RUSTSEC-2021-0095.md
Third Party Advisory
https://rustsec.org/advisories/RUSTSEC-2021-0095.html
Third Party Advisory
https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/mopa/RUSTSEC-2021-0095.md
Third Party Advisory
https://rustsec.org/advisories/RUSTSEC-2021-0095.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mopa_project:mopa:*:*:*:*:*:rust:*:*

Версия до 0.2.2 (включая)

EPSS

Процентиль: 76%

0.00931

Низкий

9.8 Critical

CVSS3

7.5 High

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-2gxj-qrp2-53jv