4 matches found
NeteaseCloudMusicRustApi (=0.1.1), RustMusic (=0.1.0) +313 more potentially affected by CVE-2020-35901 via actix-http (>=0.1.5 <=1.0.1)
actix-http CARGO version =0.1.5, =0.1.0, =0.8.0, =0.1.8, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2020-35901 Source advisory: OSV:GHSA-V3J6-XF77-8R9C...
CVE-2020-35901
An issue was discovered in the actix-http crate before 2.0.0-alpha.1 for Rust. There is a use-after-free in BodyStream...
CVE-2020-35901
CVE-2020-35901 affects the actix-http crate for Rust, with exploitation possible via a use-after-free in BodyStream caused by lack of pinning. The issue is tied to the crate’s handling of buffers and memory location, and is mitigated by upgrading to a fixed version (2.0.0-alpha.1) or later as ind...
NeteaseCloudMusicRustApi (=0.1.1), RustMusic (=0.1.0) +313 more potentially affected by CVE-2020-35901 via actix-http (>=0.1.5 <=1.0.1)
actix-http CARGO version =0.1.5, =0.1.0, =0.8.0, =0.1.8, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2020-35901 Source advisory: OSV:RUSTSEC-2020-0048...