EUVD-2021-1826

Malware in sbrugna...

CVE-2021-26951

An issue was discovered in the calamine crate before 0.17.0 for Rust. It allows attackers to overwrite heap-memory locations because Vec::setlen is used without proper memory claiming, and this uninitialized memory is used for a user-provided Read operation, as demonstrated by Sectors::get...

Out of bounds write in calamine

An issue was discovered in the calamine crate before 0.17.0 for Rust. It allows attackers to overwrite heap-memory locations because Vec::setlen is used without proper memory claiming, and this uninitialized memory is used for a user-provided Read operation, as demonstrated by Sectors::get...

CVE-2021-26951

An issue was discovered in the calamine crate before 0.17.0 for Rust. It allows attackers to overwrite heap-memory locations because Vec::setlen is used without proper memory claiming, and this uninitialized memory is used for a user-provided Read operation, as demonstrated by Sectors::get...

Design/Logic Flaw

An issue was discovered in the calamine crate before 0.17.0 for Rust. It allows attackers to overwrite heap-memory locations because Vec::setlen is used without proper memory claiming, and this uninitialized memory is used for a user-provided Read operation, as demonstrated by Sectors::get...

CVE-2021-26951

An issue was discovered in the calamine crate before 0.17.0 for Rust. It allows attackers to overwrite heap-memory locations because Vec::setlen is used without proper memory claiming, and this uninitialized memory is used for a user-provided Read operation, as demonstrated by Sectors::get...

CVE-2021-26951

CVE-2021-26951 affects the Rust crate calamine prior to 0.17.0. The issue arises from using Vec::set_len without proper memory claiming, which can result in uninitialized memory being exposed to a user-provided Read operation, demonstrated by Sectors::get. This can lead to out-of-bounds/heap memo...