130 matches found
CVE-2021-45693
An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserializestringprimitive may read from uninitialized memory locations...
Memory corruption
An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserializeextensionothers may read from uninitialized memory locations...
Memory corruption
An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserializestring may read from uninitialized memory locations...
Memory corruption
An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserializestringprimitive may read from uninitialized memory locations...
Memory corruption
An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserializebinary may read from uninitialized memory locations...
Rust messagepack-rs crate安全漏洞
Rust messagepack-rs crate is messagepack-rs is a pure Rust MessagePack implementation. A security vulnerability exists in Rust messagepack-rs crate in versions prior to 2021-01-26, which stems from the fact that deserializeextensionothers can read data from uninitialized memory locations...
Rust messagepack-rs crate安全漏洞
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. rust messagepack-rs crate has a security vulnerability in versions prior to 2021-01-26, which could be exploited by attackers to read data from uninitialized memory locations...
Rust messagepack-rs crate安全漏洞
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. rust messagepack-rs crate has a security vulnerability in versions prior to 2021-01-26, which can be exploited by attackers to deserializebinary to read data from an uninitialized memory location...
Rust messagepack-rs crate 安全漏洞
Rust messagepack-rs crate is messagepack-rs is a pure Rust MessagePack implementation. A security vulnerability exists in Rust messagepack-rs crate in versions prior to 2021-01-26, which stems from the fact that deserializestringprimitive can read data from uninitialized memory locations...
CVE-2021-45690
An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserializebinary may read from uninitialized memory locations...
CVE-2021-45690
CVE-2021-45690 affects the Rust crate messagepack-rs. The issue is in deserialization: deserialize_binary (and related paths) may read from uninitialized memory locations, leading to potential undefined behavior in safe Read implementations. Documented targets include deserialize_binary, deserial...
CVE-2021-45691
An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserializestring may read from uninitialized memory locations...
CVE-2021-45691
CVE-2021-45691 affects the Rust crate messagepack-rs (through 2021-01-26). The issue is that deserialize_string may read from uninitialized memory locations, leading to potentially unsafe reads. According to NVD, the vulnerability has a CVSS v3.1 base score of 9.8 (CRITICAL) with network attack v...
CVE-2021-45692
An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserializeextensionothers may read from uninitialized memory locations...
CVE-2021-45692
The CVE-2021-45692 issue affects the Rust crate messagepack-rs. Affected component: deserialize_extension_others (and related paths like deserialize_binary, deserialize_string, deserialize_string_primitive) may read from uninitialized memory locations, potentially causing undefined behavior or me...
CVE-2021-45693
The CVE-2021-45693 entry concerns the Rust crate messagepack-rs (through 2021-01-26). The vulnerability affects the deserialize_string_primitive function, which may read from uninitialized memory locations, potentially leading to memory corruption. Public references include Red Hat and OSV entrie...
CVE-2021-45693
An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserializestringprimitive may read from uninitialized memory locations...
GHSA-GMJW-49P4-PCFM Prototype poisoning
Impact The issue is as follows: when msgpack5 decodes a map containing a key "proto", it assigns the decoded value to proto. As you are no doubt aware, Object.prototype.proto is an accessor property for the receiver's prototype. If the value corresponding to the key proto decodes to an object or...
CVE-2021-21368
msgpack5 is a msgpack v5 implementation for node.js and the browser. In msgpack5 before versions 3.6.1, 4.5.1, and 5.2.1 there is a "Prototype Poisoning" vulnerability. When msgpack5 decodes a map containing a key "proto", it assigns the decoded value to proto. Object.prototype.proto is an access...
CVE-2021-21368 Prototype poisoning
msgpack5 is a msgpack v5 implementation for node.js and the browser. In msgpack5 before versions 3.6.1, 4.5.1, and 5.2.1 there is a "Prototype Poisoning" vulnerability. When msgpack5 decodes a map containing a key "proto", it assigns the decoded value to proto. Object.prototype.proto is an access...