Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:RUSTSEC-2020-0002
HistoryJan 16, 2020 - 12:00 p.m.

Parsing a specially crafted message can result in a stack overflow

2020-01-1612:00:00
Google
osv.dev
6

0.007 Low

EPSS

Percentile

80.5%

JSON

Affected versions of this crate contained a bug in which decoding untrusted
input could overflow the stack.

On architectures with stack probes (like x86), this can be used for denial of
service attacks, while on architectures without stack probes (like ARM)
overflowing the stack is unsound and can result in potential memory corruption
(or even RCE).

The flaw was quickly corrected by @danburkert and released in version 0.6.1.

CPENameOperatorVersion
prostlt0.6.1

Related

rustsec 1
cvelist 1
nvd 1
osv 2
cve 1
github 1
prion 1
rustsec
rustsec
Parsing a specially crafted message can result in a stack overflow
2020-01-16 12:00:00
cvelist
cvelist
CVE-2020-35858
2020-12-31 08:30:51
nvd
nvd
CVE-2020-35858
2020-12-31 10:15:14
osv
osv
CVE-2020-35858
2020-12-31 10:15:14
Out of bounds write in prost
2021-08-25 20:46:11
cve
cve
CVE-2020-35858
2020-12-31 10:15:14
github
github
Out of bounds write in prost
2021-08-25 20:46:11
prion
prion
Remote code execution
2020-12-31 10:15:00

0.007 Low

EPSS

Percentile

80.5%

JSON
Related for OSV:RUSTSEC-2020-0002
rustsec1cvelist1nvd1osv2cve1github1prion1