exploitDog

CVE-2021-45702

Опубликовано: 27 дек. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An issue was discovered in the tremor-script crate before 0.11.6 for Rust. A merge operation may result in a use-after-free.

Ссылки

https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/tremor-script/RUSTSEC-2021-0111.md
Third Party Advisory
https://rustsec.org/advisories/RUSTSEC-2021-0111.html
Third Party Advisory
https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/tremor-script/RUSTSEC-2021-0111.md
Third Party Advisory
https://rustsec.org/advisories/RUSTSEC-2021-0111.html
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:linuxfoundation:tremor-script:*:*:*:*:*:rust:*:*

Версия от 0.7.2 (включая) до 0.11.6 (исключая)

EPSS

Процентиль: 60%

0.00393

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-416

Связанные уязвимости

GHSA-9qvw-46gf-4fv8

CVSS3: 7.5

github

около 4 лет назад

Use After Free in tremor-script

EPSS

Процентиль: 60%

0.00393

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-416