OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2025-12-27 06:29:31 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
f494f83f8edffecba0d2535be051c1a6d8dfaa39
advisory-db/crates/array-tools/RUSTSEC-2020-0132.md
Alexander Kjäll f494f83f8e add missing cve info to advisories (#1077) 
looks like RUSTSEC-2020-0036 might be a special case, someone got a cve for that the crate is unmaintained
2021-10-14 21:53:11 +02:00

546 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2020-0132"
package = "array-tools"
date = "2020-12-31"
url = "https://github.com/L117/array-tools/issues/2"
categories = ["memory-corruption"]
aliases = ["CVE-2020-36452"]

[versions]
patched = [">= 0.3.2"]

FixedCapacityDequeLike::clone() can cause dropping uninitialized memory

Affected versions of this crate don't guard against panics, so that partially uninitialized buffer is dropped when user-provided T::clone() panics in FixedCapacityDequeLike<T, A>::clone(). This causes memory corruption.