CVE-2021-45708

Опубликовано: 27 дек. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An issue was discovered in the abomonation crate through 2021-10-17 for Rust. Because transmute operations are insufficiently constrained, there can be an information leak or ASLR bypass.

Ссылки

https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/abomonation/RUSTSEC-2021-0120.md
Third Party Advisory
https://rustsec.org/advisories/RUSTSEC-2021-0120.html
Vendor Advisory
https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/abomonation/RUSTSEC-2021-0120.md
Third Party Advisory
https://rustsec.org/advisories/RUSTSEC-2021-0120.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:abomonation_project:abomonation:*:*:*:*:*:rust:*:*

Версия до 0.7.3 (включая)

EPSS

Процентиль: 52%

0.00291

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-668

Связанные уязвимости

GHSA-5vwc-r48g-wj6c