mirror of
https://github.com/OMGeeky/advisory-db.git
synced 2026-02-23 15:38:27 +01:00
19 lines
479 B
Markdown
19 lines
479 B
Markdown
```toml
|
|
[advisory]
|
|
id = "RUSTSEC-2021-0117"
|
|
package = "arrow"
|
|
date = "2021-09-14"
|
|
url = "https://github.com/apache/arrow-rs/issues/775"
|
|
categories = ["memory-exposure"]
|
|
keywords = ["buffer-overflow"]
|
|
|
|
[versions]
|
|
patched = [">= 6.4.0"]
|
|
```
|
|
|
|
# `DecimalArray` does not perform bound checks on accessing values and offsets
|
|
|
|
`DecimalArray` performs insufficient bounds checks,
|
|
which allows out-of-bounds reads in safe code
|
|
if the length of the backing buffer is not a multiple of 16.
|