OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-06 19:49:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
3338fcfb59cea5fcd7d2a4e7fe24cbc7cb778003
advisory-db/crates/linked-hash-map/RUSTSEC-2020-0026.md
Alexis Mousset 84c633df9c Update aliases from GHSA OSV export (#1693)
2023-06-13 15:10:24 +02:00

573 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2020-0026"
package = "linked-hash-map"
aliases = ["CVE-2020-25573", "GHSA-r43h-gmrm-h5c9"]
cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
date = "2020-06-23"
informational = "unsound"
url = "https://github.com/contain-rs/linked-hash-map/pull/100"

[versions]
patched = [">= 0.5.3"]

linked-hash-map creates uninitialized NonNull pointer

Affected versions of this crate called mem::uninitialized() to create a NonNull<T>, which is undefined behavior.

The flaw was corrected by avoiding the use of mem::uninitialized().