Deserialization of untrusted data

2021-03-0509:15:00

PRIOn knowledge base

www.prio-n.com

AI Score

9.4

Confidence

High

EPSS

0.002

Percentile

61.5%

JSON

An issue was discovered in the byte_struct crate before 0.6.1 for Rust. There can be a drop of uninitialized memory if a certain deserialization method panics.

References

rustsec.org/advisories/RUSTSEC-2021-0032.html