5 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-35920
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the socket2 crate before 0.3.16 for Rust. It has false expectations about the std::net::SocketAddr memory representation...
curl (>=0.4.7 <=0.4.8), dns-lookup (>=0.7.0 <=0.8.1) +5 more potentially affected by CVE-2020-35919 +1 more via socket2 (=0.2.4)
socket2 CARGO version =0.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on socket2 and may be impacted: - curl =0.4.7, =0.7.0, =0.3.0, =0.1.0, =0.2.2, =0.2.4 - miow =0.3.0 Source cves: CVE-2020-35919, CVE-2020-35920 Source advisory:...
CVE-2020-35920
An issue was discovered in the socket2 crate before 0.3.16 for Rust. It has false expectations about the std::net::SocketAddr memory representation...
DEBIAN-CVE-2020-35920
An issue was discovered in the socket2 crate before 0.3.16 for Rust. It has false expectations about the std::net::SocketAddr memory representation...
CVE-2020-35920
The CVE-2020-35920 entry concerns the Rust socket2 crate (before 0.3.16) that makes incorrect assumptions about the memory layout of std::net::SocketAddr. This mismatch can lead to invalid memory handling when converting between Rust socket addresses and system representations, potentially causin...