5 matches found
CVE-2020-35876
An issue was discovered in the rio crate through 2020-05-11 for Rust. A struct can be leaked, allowing attackers to obtain sensitive information, cause a use-after-free, or cause a data race...
haneru (=0.0.0), marble (=0.0.0) +6 more potentially affected by CVE-2020-35876 via rio (=0.9.4)
rio CARGO version =0.9.4 is affected by a known vulnerability. The following packages have a transitive dependency on rio and may be impacted: - haneru =0.0.0 - marble =0.0.0 - mfio-rt =0.1.0 - pearl =0.4.0, =0.31.0, =0.25.1, =0.34.7-p1, =0.34.7-patched Source cves: CVE-2020-35876 Source advisory...
CVE-2020-35876
An issue was discovered in the rio crate through 2020-05-11 for Rust. A struct can be leaked, allowing attackers to obtain sensitive information, cause a use-after-free, or cause a data race...
CVE-2020-35876
Removed by vendor...
CVE-2020-35876
The CVE-2020-35876 entry relates to the rio crate (Rust) where leaking a rio::Completion can prevent its drop code from running, enabling access to or dropping of the underlying I/O buffer. This can lead to use-after-free, data races, or leaking secrets. The primary technical details are document...