OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2025-12-26 16:07:48 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
8c05fea5fa6e1776c015b855eebaa344d00e28a7
advisory-db/crates/array-queue/RUSTSEC-2020-0047.md
Alexis Mousset 8c05fea5fa Add cvss information from nvd (#1085)
2021-10-19 16:14:35 -06:00

624 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2020-0047"
package = "array-queue"
aliases = ["CVE-2020-35900"]
cvss = "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
date = "2020-09-26"
keywords = ["memory-corruption", "uninitialized-memory", "use-after-free"]
url = "https://github.com/raviqqe/array-queue/issues/2"

[versions]
patched = []
unaffected = ["< 0.3.0"]

array_queue pop_back() may cause a use-after-free

array_queue implements a circular queue that wraps around an array. However, it fails to properly index into the array in the pop_back function allowing the reading of previously dropped or uninitialized memory.