OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2025-12-27 06:29:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
main
advisory-db/crates/array-queue/RUSTSEC-2020-0047.md
Alexis Mousset 84c633df9c Update aliases from GHSA OSV export (#1693)
2023-06-13 15:10:24 +02:00

647 B
Raw Permalink Blame History 

[advisory]
id = "RUSTSEC-2020-0047"
package = "array-queue"
aliases = ["CVE-2020-35900", "GHSA-75cq-g75g-rxff"]
cvss = "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
date = "2020-09-26"
keywords = ["memory-corruption", "uninitialized-memory", "use-after-free"]
url = "https://github.com/raviqqe/array-queue/issues/2"

[versions]
patched = []
unaffected = ["< 0.3.0"]

array_queue pop_back() may cause a use-after-free

array_queue implements a circular queue that wraps around an array. However, it fails to properly index into the array in the pop_back function allowing the reading of previously dropped or uninitialized memory.