CVE-2021-28875

Опубликовано: 11 апр. 2021

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 5

CVSS3: 7.5

Описание

In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needs-triage
devel	DNE
esm-apps/bionic	not-affected	1.51.0+dfsg1+llvm-1~exp3ubuntu1~18.04.1
esm-apps/focal	released	1.51.0+dfsg1+llvm-1~exp3ubuntu1~20.04.2
esm-apps/xenial	needed
esm-infra-legacy/trusty	needed
focal	released	1.51.0+dfsg1+llvm-1~exp3ubuntu1~20.04.2
groovy	ignored	end of life
hirsute	ignored	end of life
impish	ignored	end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 64%

0.00478

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

CVE-2021-28875

CVSS3: 7.5

redhat

почти 5 лет назад

In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow.

CVE-2021-28875

CVSS3: 7.5

nvd

больше 4 лет назад

In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow.

CVE-2021-28875

CVSS3: 7.5

msrc

больше 4 лет назад

Описание отсутствует

CVE-2021-28875

CVSS3: 7.5

debian

больше 4 лет назад

In the standard library in Rust before 1.50.0, read_to_end() does not ...

GHSA-fhrh-9gc2-pfgh

CVSS3: 7.5

github

больше 3 лет назад

In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow.

EPSS

Процентиль: 64%

0.00478

Низкий

5 Medium

CVSS2

7.5 High

CVSS3

CVE-2021-28875

Описание

Пакет rustc

Ссылки на источники

Связанные уязвимости