mirror of
https://github.com/OMGeeky/advisory-db.git
synced 2025-12-28 15:28:09 +01:00
21 lines
647 B
Markdown
21 lines
647 B
Markdown
```toml
|
|
[advisory]
|
|
id = "RUSTSEC-2020-0047"
|
|
package = "array-queue"
|
|
aliases = ["CVE-2020-35900", "GHSA-75cq-g75g-rxff"]
|
|
cvss = "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
|
|
date = "2020-09-26"
|
|
keywords = ["memory-corruption", "uninitialized-memory", "use-after-free"]
|
|
url = "https://github.com/raviqqe/array-queue/issues/2"
|
|
|
|
[versions]
|
|
patched = []
|
|
unaffected = ["< 0.3.0"]
|
|
```
|
|
|
|
# array_queue pop_back() may cause a use-after-free
|
|
|
|
array_queue implements a circular queue that wraps around an array. However, it
|
|
fails to properly index into the array in the `pop_back` function allowing the
|
|
reading of previously dropped or uninitialized memory.
|