mirror of
https://github.com/OMGeeky/advisory-db.git
synced 2026-01-06 03:29:45 +01:00
f4a8973706
* add cve info to advisories * Put `aliases` field in the proper place It should not be under `[versions]` * move `aliases` to the proper place Co-authored-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
18 lines
567 B
Markdown
18 lines
567 B
Markdown
```toml
|
|
[advisory]
|
|
id = "RUSTSEC-2021-0053"
|
|
package = "algorithmica"
|
|
date = "2021-03-07"
|
|
url = "https://github.com/AbrarNitk/algorithmica/issues/1"
|
|
categories = ["memory-corruption"]
|
|
aliases = ["CVE-2021-31996"]
|
|
|
|
[versions]
|
|
patched = []
|
|
```
|
|
|
|
# 'merge_sort::merge()' crashes with double-free for `T: Drop`
|
|
|
|
In the affected versions of this crate, `merge_sort::merge()` wildly duplicates and drops ownership of `T` without guarding against double-free. Due to such implementation,
|
|
simply invoking `merge_sort::merge()` on `Vec<T: Drop>` can cause **double free** bugs.
|