CVE-2020-35890

An issue was discovered in the ordnung crate through 2020-09-03 for Rust. compact::Vec violates memory safety via out-of-bounds access for large capacity...

xxlib (>=0.1.0 <=0.4.0) potentially affected by CVE-2020-35890 +1 more via ordnung (=0.0.1)

ordnung CARGO version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on ordnung and may be impacted: - xxlib =0.1.0, =0.4.0 Source cves: CVE-2020-35890, CVE-2020-35891 Source advisory: OSV:GHSA-QRWC-JXF5-G8X6...

CVE-2020-35890

An issue was discovered in the ordnung crate through 2020-09-03 for Rust. compact::Vec violates memory safety via out-of-bounds access for large capacity...

CVE-2020-35890

The CVE-2020-35890 entry concerns the ordnung crate for Rust, where compact::Vec may violate memory safety via out-of-bounds access when handling large capacity. Related advisories describe additional memory-safety issues, including a remove() path that can double-free and out-of-bounds reads. Pu...

xxlib (>=0.1.0 <=0.4.0) potentially affected by CVE-2020-35890 +1 more via ordnung (=0.0.1)

ordnung CARGO version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on ordnung and may be impacted: - xxlib =0.1.0, =0.4.0 Source cves: CVE-2020-35890, CVE-2020-35891 Source advisory: OSV:RUSTSEC-2020-0038...