An issue was discovered in the claxon crate before 0.4.1 for Rust. Uninitialized memory can be exposed because certain decode buffer sizes are mishandled.
{"osv": [{"lastseen": "2022-05-11T21:47:38", "description": "An issue was discovered in the claxon crate before 0.4.1 for Rust. Uninitialized memory can be exposed because certain decode buffer sizes are mishandled.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2021-08-25T20:43:52", "type": "osv", "title": "Uninitialized memory exposure in claxon", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20992"], "modified": "2021-08-19T21:24:16", "id": "OSV:GHSA-8C6G-4XC5-W96C", "href": "https://osv.dev/vulnerability/GHSA-8c6g-4xc5-w96c", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-05-11T21:34:34", "description": "Affected versions of Claxon made an invalid assumption about the decode buffer\nsize being a multiple of a value read from the bitstream. This could cause parts\nof the decode buffer to not be overwritten. If the decode buffer was newly\nallocated and uninitialized, this uninitialized memory could be exposed.\n\nThis allows an attacker to observe parts of the uninitialized memory in the\ndecoded audio stream.\n\nThe flaw was corrected by checking that the value read from the bitstream divides\nthe decode buffer size, and returning a format error if it does not. If an error\nis returned, the decode buffer is not exposed. Regression tests and an\nadditional fuzzer have been added to prevent similar flaws in the future.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-08-25T12:00:00", "type": "osv", "title": "Malicious input could cause uninitialized memory to be exposed", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20992"], "modified": "2021-10-19T22:14:35", "id": "OSV:RUSTSEC-2018-0004", "href": "https://osv.dev/vulnerability/RUSTSEC-2018-0004", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "cve": [{"lastseen": "2023-06-07T14:48:22", "description": "An issue was discovered in the claxon crate before 0.4.1 for Rust. Uninitialized memory can be exposed because certain decode buffer sizes are mishandled.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2019-08-26T13:15:00", "type": "cve", "title": "CVE-2018-20992", "cwe": ["CWE-908"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20992"], "modified": "2020-08-24T17:37:00", "cpe": ["cpe:/a:claxon_project:claxon:0.3.1", "cpe:/a:claxon_project:claxon:0.4.0"], "id": "CVE-2018-20992", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-20992", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:claxon_project:claxon:0.4.0:*:*:*:*:*:*:*", "cpe:2.3:a:claxon_project:claxon:0.3.1:*:*:*:*:*:*:*"]}], "rustsec": [{"lastseen": "2023-06-07T15:34:21", "description": "Affected versions of Claxon made an invalid assumption about the decode buffer\nsize being a multiple of a value read from the bitstream. This could cause parts\nof the decode buffer to not be overwritten. If the decode buffer was newly\nallocated and uninitialized, this uninitialized memory could be exposed.\n\nThis allows an attacker to observe parts of the uninitialized memory in the\ndecoded audio stream.\n\nThe flaw was corrected by checking that the value read from the bitstream divides\nthe decode buffer size, and returning a format error if it does not. If an error\nis returned, the decode buffer is not exposed. Regression tests and an\nadditional fuzzer have been added to prevent similar flaws in the future.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2018-08-25T12:00:00", "type": "rustsec", "title": "Malicious input could cause uninitialized memory to be exposed", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-20992"], "modified": "2021-10-19T22:14:35", "id": "RUSTSEC-2018-0004", "href": "https://rustsec.org/advisories/RUSTSEC-2018-0004", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}]}