7 matches found
GHSA-GVCP-948F-8F2P Use of Uninitialized Resource in libp2p-deflate
An issue was discovered in the libp2p-deflate crate before 0.27.1 for Rust. An uninitialized buffer is passed to AsyncRead::pollread, which is a user-provided trait function...
CVE-2020-36443
An issue was discovered in the libp2p-deflate crate before 0.27.1 for Rust. An uninitialized buffer is passed to AsyncRead::pollread, which is a user-provided trait function...
Code injection
An issue was discovered in the libp2p-deflate crate before 0.27.1 for Rust. An uninitialized buffer is passed to AsyncRead::pollread, which is a user-provided trait function...
CVE-2020-36443
An issue was discovered in the libp2p-deflate crate before 0.27.1 for Rust. An uninitialized buffer is passed to AsyncRead::pollread, which is a user-provided trait function...
CVE-2020-36443
CVE-2020-36443 affects the libp2p-deflate crate prior to 0.27.1 for Rust. Root cause: an uninitialized buffer is passed to AsyncRead::poll_read(), invoked by a user-provided trait implementation. Impact: potential memory exposure from uninitialized memory; CVSS v3.1 base score 9.8 (CRITICAL), net...
RUSTSEC-2020-0123 Contents of uninitialized memory exposed in DeflateOutput's AsyncRead implementation
Affected versions of this crate passes an uninitialized buffer to a user-provided trait function AsyncRead::pollread. Arbitrary AsyncRead::pollread implementations can read from the uninitialized buffer memory exposure and also can return incorrect number of bytes written to the buffer. Reading...
Contents of uninitialized memory exposed in DeflateOutput's AsyncRead implementation
Affected versions of this crate passes an uninitialized buffer to a user-provided trait function AsyncRead::pollread. Arbitrary AsyncRead::pollread implementations can read from the uninitialized buffer memory exposure and also can return incorrect number of bytes written to the buffer. Reading...