Lucene search
K

Optional `Deserialize` implementations lacking validation

🗓️ 20 Jan 2021 12:00:00Reported by rustsecType 
rustsec
 rustsec
🔗 rustsec.org👁 16 Views

Optional 'Deserialize' lacks validation for non-default 'serialize' feature, leading to undefined behavior and panic

Related
Detection
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2021-45687
27 Dec 202100:15
attackerkb
CNNVD
Rust raw-cpuid crate 输入验证错误漏洞
27 Dec 202100:00
cnnvd
CNVD
Rust raw-cpuid crate has an unspecified vulnerability
28 Dec 202100:00
cnvd
CVE
CVE-2021-45687
26 Dec 202121:51
cve
Cvelist
CVE-2021-45687
26 Dec 202121:51
cvelist
EUVD
EUVD-2022-0714
3 Oct 202520:07
euvd
Github Security Blog
Deserialization of Untrusted Data in rust-cpuid
6 Jan 202222:13
github
NVD
CVE-2021-45687
27 Dec 202100:15
nvd
OSV
CVE-2021-45687
27 Dec 202100:15
osv
OSV
GHSA-JF5H-CF95-W759 Optional `Deserialize` implementations lacking validation
17 Jun 202200:16
osv
Rows per page
Vulners
Node
gzraw-cpuidRange3.1.1-09.1.1rust

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

13 Jun 2023 13:10Current
1.6Low risk
Vulners AI Score1.6
CVSS 26.8
CVSS 3.19.8
EPSS0.01123
16