OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-22 11:25:24 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
ca7b554f5babe416220eda5846f34cd2f2ca1237
advisory-db/crates/chttp/RUSTSEC-2019-0016.toml
Tony Arcieri 5b742bbc54 Assign RUSTSEC-2019-0016 to chttp 
Original PR: https://github.com/RustSec/advisory-db/pull/139
2019-09-01 13:06:15 -07:00

17 lines
567 B
TOML
Raw Blame History

[advisory]
id = "RUSTSEC-2019-0016"
package = "chttp"
date = "2019-09-01"
title = "Use-after-free in buffer conversion implementation"
description = """
The From<Buffer> implementation for Vec<u8> was not properly implemented,
returning a vector backed by freed memory. This could lead to memory corruption
or be exploited to cause undefined behavior.
A fix was published in version 0.1.3.
"""
patched_versions = [">= 0.1.3"]
unaffected_versions = ["< 0.1.1"]
url = "https://github.com/sagebind/isahc/issues/2"
keywords = ["memory-management", "memory-corruption"]
Reference in New Issue View Git Blame Copy Permalink