OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-20 10:31:01 +01:00
Code Issues Packages Projects Releases Wiki Activity

arrow BinaryArray advisory (#1057)

Browse Source 
* Create RUSTSEC-0000-0000.md

* reword to also include writes

* remove mentions of writes
This commit is contained in:
Sergey "Shnatsel" Davidoff
2021-09-29 17:46:18 +02:00
committed by GitHub
parent a44ad8fae3
commit 9cc82e1b90
1 changed files with 16 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
crates/arrow/RUSTSEC-0000-0000.md Normal file
View File

@@ -0,0 +1,16 @@
```toml
[advisory]
id = "RUSTSEC-0000-0000"
package = "arrow"
date = "2021-09-14"
references = ["https://github.com/apache/arrow-rs/issues/772", "https://github.com/apache/arrow-rs/issues/773"]
categories = ["memory-exposure"]
keywords = ["buffer-overflow"]
[versions]
patched = []
```
# `BinaryArray` does not perform bound checks on reading values and offsets
`BinaryArray` performs insufficient validation on creation, which allows out-of-bounds reads in safe code.