EUVD-2021-1535

Malware in sbrugna...

Read of uninitialized memory in cdr

An issue was discovered in Deserializer::readvec in the cdr crate before 0.2.4 for Rust. A user-provided Read implementation can gain access to the old contents of newly allocated heap memory, violating soundness...

CVE-2021-26305

An issue was discovered in Deserializer::readvec in the cdr crate before 0.2.4 for Rust. A user-provided Read implementation can gain access to the old contents of newly allocated heap memory, violating soundness...

CVE-2021-26305

An issue was discovered in Deserializer::readvec in the cdr crate before 0.2.4 for Rust. A user-provided Read implementation can gain access to the old contents of newly allocated heap memory, violating soundness...

Heap overflow

An issue was discovered in Deserializer::readvec in the cdr crate before 0.2.4 for Rust. A user-provided Read implementation can gain access to the old contents of newly allocated heap memory, violating soundness...

CVE-2021-26305

The CVE-2021-26305 issue affects the Rust crate cdr prior to 0.2.4, where Deserializer::read_vec could allow a user-provided Read implementation to access the old contents of newly allocated heap memory, creating a soundness vulnerability. The vulnerability arises from an uninitialized buffer bei...

cdr crate before for Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Deserializer :: readvec in the cdr package of Rust prior to 0.2.4, which stems from the fact that the user-supplied read implementation of Deserializer :: readvec can access th...