6 matches found
CVE-2021-45705
An issue was discovered in the nanorand crate before 0.6.1 for Rust. There can be multiple mutable references to the same object because the TlsWyRand Deref implementation dereferences a raw pointer...
boringdb (>=0.2.0 <=0.3.10), bp7 (>=0.7.0 <=0.8.1) +19 more potentially affected by CVE-2021-45705 via nanorand (=0.5.2)
nanorand CARGO version =0.5.2 is affected by a known vulnerability. The following packages have a transitive dependency on nanorand and may be impacted: - boringdb =0.2.0, =0.7.0, =0.13.0, =0.4.0, =0.10.0, =0.3.0, =0.3.14, =0.4.2, =0.4.1, =0.6.1, =0.1.0, =0.1.7, =0.2.1 and more Source cves:...
CVE-2021-45705
An issue was discovered in the nanorand crate before 0.6.1 for Rust. There can be multiple mutable references to the same object because the TlsWyRand Deref implementation dereferences a raw pointer...
CVE-2021-45705
An issue was discovered in the nanorand crate before 0.6.1 for Rust. There can be multiple mutable references to the same object because the TlsWyRand Deref implementation dereferences a raw pointer...
CVE-2021-45705
The CVE-2021-45705 entry affects the Rust nanorand crate, specifically versions before 0.6.1. The root cause is that the TlsWyRand Deref implementation dereferences a raw pointer, which can yield multiple mutable references to the same object and results in undefined behavior. Impact described in...
boringdb (>=0.2.0 <=0.3.10), bp7 (>=0.7.0 <=0.8.1) +19 more potentially affected by CVE-2021-45705 via nanorand (=0.5.2)
nanorand CARGO version =0.5.2 is affected by a known vulnerability. The following packages have a transitive dependency on nanorand and may be impacted: - boringdb =0.2.0, =0.7.0, =0.13.0, =0.4.0, =0.10.0, =0.3.0, =0.3.14, =0.4.2, =0.4.1, =0.6.1, =0.1.0, =0.1.7, =0.2.1 and more Source cves:...