Опубликовано: 09 фев. 2021
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 7.5
CVSS3: 9.8
Описание
An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because xcb::xproto::GetAtomNameReply::name() calls std::str::from_utf8_unchecked() on unvalidated bytes from an X server.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| devel | not-affected | 1.4.0-2 |
| esm-apps/jammy | ignored | risk of regression |
| esm-apps/noble | not-affected | 1.2.2-1 |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | ignored | end of life |
| hirsute | ignored | end of life |
| impish | ignored | end of life |
Показывать по
10
EPSS
Процентиль: 66%
0.00504
Низкий
7.5 High
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
CVSS3: 9.8
nvd
почти 5 лет назад
An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because xcb::xproto::GetAtomNameReply::name() calls std::str::from_utf8_unchecked() on unvalidated bytes from an X server.
CVSS3: 9.8
debian
почти 5 лет назад
An issue was discovered in the xcb crate through 2021-02-04 for Rust. ...
EPSS
Процентиль: 66%
0.00504
Низкий
7.5 High
CVSS2
9.8 Critical
CVSS3