mirror of
https://github.com/OMGeeky/advisory-db.git
synced 2026-02-15 22:04:38 +01:00
21 lines
700 B
Markdown
21 lines
700 B
Markdown
```toml
|
|
[advisory]
|
|
id = "RUSTSEC-2021-0082"
|
|
package = "vec-const"
|
|
date = "2021-08-14"
|
|
url = "https://github.com/Eolu/vec-const/issues/1#issuecomment-898908241"
|
|
categories = ["memory-corruption"]
|
|
keywords = ["memory-safety"]
|
|
informational = "unsound"
|
|
aliases = ["CVE-2021-45680", "GHSA-jmwx-r3gq-qq3p", "GHSA-x76r-966h-5qv9"]
|
|
|
|
[versions]
|
|
patched = [">= 2.0.0"]
|
|
```
|
|
|
|
# vec-const attempts to construct a Vec from a pointer to a const slice
|
|
|
|
Affected versions of this crate claimed to construct a const `Vec` with nonzero length and capacity, but that cannot be done because such a `Vec` requires a pointer from an allocator.
|
|
|
|
The implementation was later changed to just construct a `std::borrow::Cow`.
|