OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-07 04:01:35 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
d8701fad2d40aeca8e8564692f14a8d7c30a5136
advisory-db/crates/generator/RUSTSEC-2019-0020.md
Alexander Kjäll f494f83f8e add missing cve info to advisories (#1077) 
looks like RUSTSEC-2020-0036 might be a special case, someone got a cve for that the crate is unmaintained
2021-10-14 21:53:11 +02:00

882 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2019-0020"
package = "generator"
date = "2019-09-06"
keywords = ["memory-corruption"]
url = "https://github.com/Xudong-Huang/generator-rs/issues/9"
aliases = ["CVE-2019-16144"]

[versions]
patched = [">= 0.6.18"]

fix unsound APIs that could lead to UB

Affected versions of this crate API could use uninitialized memory with some APIs in special cases, like use the API in none generator context. This could lead to UB. The flaw was corrected by https://github.com/Xudong-Huang/generator-rs/issues/9 https://github.com/Xudong-Huang/generator-rs/issues/11 https://github.com/Xudong-Huang/generator-rs/issues/13 https://github.com/Xudong-Huang/generator-rs/issues/14
This patch fixes all those issues above.