Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:9 p.m.5 views

CVE-2021-45705

An issue was discovered in the nanorand crate before 0.6.1 for Rust. There can be multiple mutable references to the same object because the TlsWyRand Deref implementation dereferences a raw pointer...

9.8CVSS6.8AI score0.01191EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/06/17 12:13 a.m.4 views

boringdb (>=0.2.0 <=0.3.10), bp7 (>=0.7.0 <=0.8.1) +19 more potentially affected by CVE-2021-45705 via nanorand (=0.5.2)

nanorand CARGO version =0.5.2 is affected by a known vulnerability. The following packages have a transitive dependency on nanorand and may be impacted: - boringdb =0.2.0, =0.7.0, =0.13.0, =0.4.0, =0.10.0, =0.3.0, =0.3.14, =0.4.2, =0.4.1, =0.6.1, =0.1.0, =0.1.7, =0.2.1 and more Source cves:...

9.8CVSS7.2AI score0.01191EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2021/12/27 12:15 a.m.2 views

CVE-2021-45705

An issue was discovered in the nanorand crate before 0.6.1 for Rust. There can be multiple mutable references to the same object because the TlsWyRand Deref implementation dereferences a raw pointer...

9.8CVSS5.8AI score0.01191EPSS
Exploits0References3
OSV
OSV
added 2021/12/27 12:15 a.m.4 views

CVE-2021-45705

An issue was discovered in the nanorand crate before 0.6.1 for Rust. There can be multiple mutable references to the same object because the TlsWyRand Deref implementation dereferences a raw pointer...

9.8CVSS7.3AI score0.01191EPSS
Exploits0References2
CVE
CVE
added 2021/12/26 9:48 p.m.62 views

CVE-2021-45705

The CVE-2021-45705 entry affects the Rust nanorand crate, specifically versions before 0.6.1. The root cause is that the TlsWyRand Deref implementation dereferences a raw pointer, which can yield multiple mutable references to the same object and results in undefined behavior. Impact described in...

9.8CVSS9.2AI score0.01191EPSS
Exploits0References2Affected Software1
vulnersOsv
vulnersOsv
added 2021/09/23 12:0 p.m.3 views

boringdb (>=0.2.0 <=0.3.10), bp7 (>=0.7.0 <=0.8.1) +19 more potentially affected by CVE-2021-45705 via nanorand (=0.5.2)

nanorand CARGO version =0.5.2 is affected by a known vulnerability. The following packages have a transitive dependency on nanorand and may be impacted: - boringdb =0.2.0, =0.7.0, =0.13.0, =0.4.0, =0.10.0, =0.3.0, =0.3.14, =0.4.2, =0.4.1, =0.6.1, =0.1.0, =0.1.7, =0.2.1 and more Source cves:...

9.8CVSS7.2AI score0.01191EPSS
Exploits0
Rows per page
Query Builder