CVE-2021-45720

Опубликовано: 26 дек. 2021

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

An issue was discovered in the lru crate before 0.7.1 for Rust. The iterators have a use-after-free, as demonstrated by an access after a pop operation.

Ссылки

https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/lru/RUSTSEC-2021-0130.md
Third Party Advisory
https://rustsec.org/advisories/RUSTSEC-2021-0130.html
Exploit
Issue Tracking
Third Party Advisory
https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/lru/RUSTSEC-2021-0130.md
Third Party Advisory
https://rustsec.org/advisories/RUSTSEC-2021-0130.html
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:lru_project:lru:*:*:*:*:*:rust:*:*

Версия до 0.7.1 (исключая)

EPSS

Процентиль: 51%

0.0028

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-416

Связанные уязвимости

CVE-2021-45720

CVSS3: 7.5

ubuntu

около 4 лет назад

An issue was discovered in the lru crate before 0.7.1 for Rust. The iterators have a use-after-free, as demonstrated by an access after a pop operation.

GHSA-v362-2895-h9r2

CVSS3: 7.5

github

около 4 лет назад

Use After Free in lru

EPSS

Процентиль: 51%

0.0028

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-416