Lucene search
GoogleOSV:GHSA-55M5-WHCV-C49CHistoryJan 06, 2022 - 10:20 p.m.
Use of Uninitialized Resource in smallvec
2022-01-0622:20:28
Google
osv.dev
2
0.001 Low
EPSS
Percentile
40.7%
Affected versions of this crate called mem::uninitialized() to create values of a user-supplied type T. This is unsound e.g. if T is a reference type (which must be non-null and thus may not remain uninitialized). The flaw was corrected by avoiding the use of mem::uninitialized(), using MaybeUninit instead.
References
github.com/servo/rust-smallvec
github.com/servo/rust-smallvec/commit/e64afc8c473d43e375ab42bd33db2d0d4ac4e41b
github.com/servo/rust-smallvec/issues/126
github.com/servo/rust-smallvec/pull/162
nvd.nist.gov/vuln/detail/CVE-2018-25023
raw.githubusercontent.com/rustsec/advisory-db/main/crates/smallvec/RUSTSEC-2018-0018.md
rustsec.org/advisories/RUSTSEC-2018-0018.html
Related
ubuntucve
ubuntucve
CVE-2018-25023
2021-12-27 00:00:00
nvd
nvd
CVE-2018-25023
2021-12-27 00:15:07
prion
prion
Design/Logic Flaw
2021-12-27 00:15:00
cvelist
cvelist
CVE-2018-25023
2021-12-26 00:00:00
cve
cve
CVE-2018-25023
2021-12-27 00:15:07
osv
osv
smallvec creates uninitialized value of any type
2021-08-25 21:00:25
smallvec creates uninitialized value of any type
2018-09-25 12:00:00
CVE-2018-25023
2021-12-27 00:15:07
cnvd
cnvd
Mozilla Rust has an unspecified vulnerability
2021-12-28 00:00:00
rustsec
rustsec
smallvec creates uninitialized value of any type
2018-09-25 12:00:00
github
github
Use of Uninitialized Resource in smallvec
2022-01-06 22:20:28
debiancve
debiancve
CVE-2018-25023
2021-12-27 00:15:07