CVE-2020-35860

An issue was discovered in the cbox crate through 2020-03-19 for Rust. The CBox API allows dereferencing raw pointers without a requirement for unsafe code...

Rust 代码问题漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A code issue vulnerability exists in cbox crate in versions of Mozilla Rust prior to 2020-03-19, which stems from the CBox API allowing dereferencing of raw pointers. No details of the vulnerability are provided...

CBox API allows to de-reference raw pointers without `unsafe` code

CBox and CSemiBox are part of the public API of the cbox crate and they allow to create smart pointers from raw pointers and de-reference them without the need of unsafe code...