4 matches found
CVE-2020-35869
An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated because rusqlite::trace::log mishandles format strings...
a3mo_lib (>=0.1.0 <=0.1.1), acid-store (>=0.1.0 <=0.11.2) +153 more potentially affected by CVE-2020-35866 +7 more via rusqlite (>=0.10.1 <=0.22.0)
rusqlite CARGO version =0.10.1, =0.1.0, =0.1.0, =0.2.11, =1.0.0, =0.2.2-beta.1, =0.2.0, =0.40.0, =0.8.0, =0.6.0, =1.1.0, =1.2.1, =1.2.5 and more Source cves: CVE-2020-35866, CVE-2020-35867, CVE-2020-35868, CVE-2020-35869, CVE-2020-35870, CVE-2020-35871, CVE-2020-35872, CVE-2020-35873 Source...
a3mo_lib (>=0.1.0 <=0.1.1), acid-store (>=0.1.0 <=0.11.2) +153 more potentially affected by CVE-2020-35866 +7 more via rusqlite (>=0.10.1 <=0.22.0)
rusqlite CARGO version =0.10.1, =0.1.0, =0.1.0, =0.2.11, =1.0.0, =0.2.2-beta.1, =0.2.0, =0.40.0, =0.8.0, =0.6.0, =1.1.0, =1.2.1, =1.2.5 and more Source cves: CVE-2020-35866, CVE-2020-35867, CVE-2020-35868, CVE-2020-35869, CVE-2020-35870, CVE-2020-35871, CVE-2020-35872, CVE-2020-35873 Source...
CVE-2020-35869
CVE-2020-35869 affects the Rust rusqlite crate prior to 0.23.0. The issue is a memory safety vulnerability caused by rusqlite::trace::log mishandling format strings, with CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (base 9.8). Remediation: upgrade to rusqlite 0.23.0 or later. Current documents d...