mirror of
https://github.com/OMGeeky/advisory-db.git
synced 2026-02-23 15:38:27 +01:00
532 B
532 B
[advisory]
id = "RUSTSEC-2020-0038"
package = "ordnung"
aliases = ["CVE-2020-35890", "CVE-2020-35891"]
date = "2020-09-03"
url = "https://github.com/maciejhirsz/ordnung/issues/8"
[versions]
patched = []
Memory safety issues in compact::Vec
compact::Vec contains multiple memory safety issues.
- It mishandles large capacity and causes out-of-bound access in 32-bit / allocator layout mismatch in 64-bit.
remove()is not panic-safe and causes double-free when an index larger than the length is provided.