CVE-2021-25900

🗓️ 26 Jan 2021 18:22:16Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 136 Views

An issue in smallvec crate before 0.6.14 and 1.x before 1.6.1 for Rust causes heap-based buffer overflow in SmallVec::insert_many

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 17
OSV	Buffer overflow in SmallVec::insert_many	24 May 202217:40	–	osv
OSV	Buffer overflow in SmallVec::insert_many	8 Jan 202112:00	–	osv
OSV	CVE-2021-25900	26 Jan 202118:16	–	osv
NVD	CVE-2021-25900	26 Jan 202118:16	–	nvd
SUSE Linux	Security update for librsvg (important)	1 May 202100:00	–	suse
Tenable Nessus	SUSE SLED15 / SLES15 Security Update : librsvg (SUSE-SU-2021:1408-1)	29 Apr 202100:00	–	nessus
Tenable Nessus	openSUSE Security Update : librsvg (openSUSE-2021-634)	18 May 202100:00	–	nessus
UbuntuCve	CVE-2021-25900	26 Jan 202100:00	–	ubuntucve
Prion	Heap overflow	26 Jan 202118:16	–	prion
Debian CVE	CVE-2021-25900	26 Jan 202118:16	–	debiancve

Nvd

Node

servo smallvecRange0.6.3–0.6.14rust

servo smallvecRange1.0.0–1.6.1rust

Source	Link
rustsec	www.rustsec.org/advisories/RUSTSEC-2021-0003.html

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

26 Jan 2021 18:16Current

9.5High risk

Vulners AI Score9.5

CVSS27.5

CVSS39.8

EPSS0.00547

CWE-787