3 matches found
ckb-analyzer (>=0.37.0 <=0.39.2), ckb-app-config (>=0.37.0 <=0.100.0-rc2) +60 more potentially affected by CVE-2021-45697 via molecule (>=0.2.5 <=0.7.1)
molecule CARGO version =0.2.5, =0.37.0, =0.37.0, =0.4.0, =0.37.0, =0.37.0, =0.37.0, =0.40.0, =0.40.0, =0.37.0, =0.37.0, =0.37.0, =0.37.0, =0.1.0, =0.37.0, =0.39.1 and more Source cves: CVE-2021-45697 Source advisory: OSV:GHSA-6P3C-V8VC-C244...
CVE-2021-45697
Summary: CVE-2021-45697 affects the Rust crate molecule prior to 0.7.2. The root cause is an incorrect result in a FixVec partial read, leading to incorrect read lengths/results. The vulnerability is tied to the FixVec handling in molecule, with impact described as incorrect read behavior; exploi...
ckb-analyzer (>=0.37.0 <=0.39.2), ckb-app-config (>=0.37.0 <=0.100.0-rc2) +60 more potentially affected by CVE-2021-45697 via molecule (>=0.2.5 <=0.7.1)
molecule CARGO version =0.2.5, =0.37.0, =0.37.0, =0.4.0, =0.37.0, =0.37.0, =0.37.0, =0.40.0, =0.40.0, =0.37.0, =0.37.0, =0.37.0, =0.37.0, =0.1.0, =0.37.0, =0.39.1 and more Source cves: CVE-2021-45697 Source advisory: OSV:RUSTSEC-2021-0103...