2 matches found
airmash-protocol (>=0.2.0 <=0.3.0), altv-core (=0.1.0) +255 more potentially affected by CVE-2021-45695 via mopa (=0.2.2)
mopa CARGO version =0.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on mopa and may be impacted: - airmash-protocol =0.2.0, =0.5.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.15.3 and more Source cves: CVE-2021-45695...
CVE-2021-45695
CVE-2021-45695 concerns the Rust crate mopa, which redefines the deprecated TraitObject to downcast trait objects. The core issue is reliance on the memory layout of &dyn Trait, risking memory-layout changes by the compiler and enabling scenarios such as ASLR bypass or even arbitrary code executi...