Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW0zd3ctN2hycC1ndzl3
Drop of uninitialized memory in Ozone
An issue was discovered in the ozone crate through version 0.1.0 for Rust. Memory safety is violated because of the dropping of uninitialized memory.
Permalink: https://github.com/advisories/GHSA-m3ww-7hrp-gw9wJSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW0zd3ctN2hycC1ndzl3
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Critical
Classification: General
Published: over 2 years ago
Updated: 11 months ago
CVSS Score: 9.8
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Identifiers: GHSA-m3ww-7hrp-gw9w, CVE-2020-35878
References:
- https://nvd.nist.gov/vuln/detail/CVE-2020-35878
- https://rustsec.org/advisories/RUSTSEC-2020-0022.html
- https://github.com/advisories/GHSA-m3ww-7hrp-gw9w
Affected Packages
cargo:ozone
Dependent packages: 0Dependent repositories: 0
Downloads: 2,482 total
Affected Version Ranges: <= 0.1.0
No known fixed version
All affected versions: 0.0.1, 0.1.0