OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-23 20:05:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

Create RUSTSEC-0000-0000.toml

Browse Source
This commit is contained in:
Stephen M. Coakley
2019-09-01 13:45:03 -05:00
committed by GitHub
parent 7b363b785a
commit 439853f667
1 changed files with 16 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
crates/chttp/RUSTSEC-0000-0000.toml Normal file
View File

@@ -0,0 +1,16 @@
[advisory]
id = "RUSTSEC-0000-0000"
package = "chttp"
date = "2019-09-01"
title = "Use-after-free in buffer conversion implementation"
description = """
The From<Buffer> implementation for Vec<u8> was not properly implemented,
returning a vector backed by freed memory. This could lead to memory corruption
or be exploited to cause undefined behavior.
A fix was published in version 0.1.3.
"""
patched_versions = [">= 0.1.3"]
unaffected_versions = ["< 0.1.1"]
url = "https://github.com/sagebind/isahc/issues/2"
keywords = ["memory-management", "memory-corruption"]