Lucene search
GoogleOSV:RUSTSEC-2020-0048HistoryJan 24, 2020 - 12:00 p.m.
Use-after-free in BodyStream due to lack of pinning
2020-01-2412:00:00
Google
osv.dev
13
EPSS
0.001
Percentile
45.3%
Affected versions of this crate did not require the buffer wrapped in BodyStream to be pinned,
but treated it as if it had a fixed location in memory. This may result in a use-after-free.
The flaw was corrected by making the trait MessageBody require Unpin
and making poll_next() function accept Pin<&mut Self> instead of &mut self.
Related
osv
osv
CVE-2020-35901
2020-12-31 09:15:14
Use-after-free in actix-http
2021-08-25 20:49:39
nvd
nvd
CVE-2020-35901
2020-12-31 09:15:14
cve
cve
CVE-2020-35901
2020-12-31 09:15:14
rustsec
rustsec
Use-after-free in BodyStream due to lack of pinning
2020-01-24 12:00:00
github
github
Use-after-free in actix-http
2021-08-25 20:49:39
cvelist
cvelist
CVE-2020-35901
2020-12-31 08:22:31
prion
prion
Design/Logic Flaw
2020-12-31 09:15:00