Описание
An issue was discovered in the tremor-script crate before 0.11.6 for Rust. A patch operation may result in a use-after-free.
Ссылки
- https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/tremor-script/RUSTSEC-2021-0111.mdMitigationThird Party Advisory
- PatchThird Party Advisory
- https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/tremor-script/RUSTSEC-2021-0111.mdMitigationThird Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 0.7.2 (включая) до 0.11.6 (исключая)
cpe:2.3:a:linuxfoundation:tremor-script:*:*:*:*:*:rust:*:*
EPSS
Процентиль: 63%
0.00441
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-416
Связанные уязвимости
EPSS
Процентиль: 63%
0.00441
Низкий
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-416