Lucene search
K

29 matches found

CVE
CVE
added 2021/12/26 9:49 p.m.61 views

CVE-2021-45701

CVE-2021-45701 affects the tremor-script crate for Rust prior to 0.11.6, where a patch/merge operation could yield a use-after-free due to in-place optimization that reused memory from the event data. The vulnerability is described across multiple feeds (e.g., OSV entries for tremor-script and re...

9.8CVSS9.2AI score0.01191EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/12/26 9:48 p.m.62 views

CVE-2021-45702

The CVE-2021-45702 issue affects the tremor-script Rust crate prior to 0.11.6. A memory-safety flaw arises when performing a Merge or Patch and assigning the result back to the same state, where in-place optimization can leave references to data that has been freed. The root cause is the Value re...

7.5CVSS8.4AI score0.01053EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/12/26 9:48 p.m.26 views

CVE-2021-45702

An issue was discovered in the tremor-script crate before 0.11.6 for Rust. A merge operation may result in a use-after-free...

7.7AI score0.01053EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2021/09/20 7:52 p.m.40 views

Memory Safety Issue when using patch or merge on state and assign the result back to state

Impact This vulnerability is a memory safety Issue when using patch or merge on state and assign the result back to state. In this case affected versions of Tremor and the tremor-script crate maintains references to memory that might have been freed already. And these memory regions can be access...

9.8CVSS9.5AI score0.01306EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2021/09/17 2:15 p.m.36 views

CVE-2021-39228

Tremor is an event processing system for unstructured data. A vulnerability exists between versions 0.7.2 and 0.11.6. This vulnerability is a memory safety Issue when using patch or merge on state and assign the result back to state. In this case, affected versions of Tremor and the tremor-script...

9.8CVSS0.01306EPSS
Exploits1References4
Prion
Prion
added 2021/09/17 2:15 p.m.18 views

Design/Logic Flaw

Tremor is an event processing system for unstructured data. A vulnerability exists between versions 0.7.2 and 0.11.6. This vulnerability is a memory safety Issue when using patch or merge on state and assign the result back to state. In this case, affected versions of Tremor and the tremor-script...

7.5CVSS9.7AI score0.01306EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2021/09/17 2:0 p.m.63 views

CVE-2021-39228

CVE-2021-39228 affects Tremor 0.7.2–0.11.6, including the tremor-script crate. The issue is a memory-safety bug that occurs when using tremor-script’s patch or merge on the state and assigning the result back to state; the optimizer could modify the target in place, leaving references to memory t...

9.8CVSS8.4AI score0.01306EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2021/09/16 12:0 p.m.33 views

RUSTSEC-2021-0111 Memory Safety Issue when using `patch` or `merge` on `state` and assign the result back to `state`

Affected versions of this crate maintains references to memory that might have been freed already. If affects the following two tremor-script language constructs: A Merge where we assign the result back to the target expression and the expression to be merged needs to reference the event: let sta...

9.8CVSS8.5AI score0.01191EPSS
Exploits0References3
RustSec
RustSec
added 2021/09/16 12:0 p.m.20 views

Memory Safety Issue when using `patch` or `merge` on `state` and assign the result back to `state`

Affected versions of this crate maintains references to memory that might have been freed already. If affects the following two tremor-script language constructs: A Merge where we assign the result back to the target expression and the expression to be merged needs to reference the event: let sta...

9.8CVSS0.3AI score0.01191EPSS
Exploits0Affected Software1
Rows per page
Query Builder