29 matches found
CVE-2021-45701
CVE-2021-45701 affects the tremor-script crate for Rust prior to 0.11.6, where a patch/merge operation could yield a use-after-free due to in-place optimization that reused memory from the event data. The vulnerability is described across multiple feeds (e.g., OSV entries for tremor-script and re...
CVE-2021-45702
The CVE-2021-45702 issue affects the tremor-script Rust crate prior to 0.11.6. A memory-safety flaw arises when performing a Merge or Patch and assigning the result back to the same state, where in-place optimization can leave references to data that has been freed. The root cause is the Value re...
CVE-2021-45702
An issue was discovered in the tremor-script crate before 0.11.6 for Rust. A merge operation may result in a use-after-free...
Memory Safety Issue when using patch or merge on state and assign the result back to state
Impact This vulnerability is a memory safety Issue when using patch or merge on state and assign the result back to state. In this case affected versions of Tremor and the tremor-script crate maintains references to memory that might have been freed already. And these memory regions can be access...
CVE-2021-39228
Tremor is an event processing system for unstructured data. A vulnerability exists between versions 0.7.2 and 0.11.6. This vulnerability is a memory safety Issue when using patch or merge on state and assign the result back to state. In this case, affected versions of Tremor and the tremor-script...
Design/Logic Flaw
Tremor is an event processing system for unstructured data. A vulnerability exists between versions 0.7.2 and 0.11.6. This vulnerability is a memory safety Issue when using patch or merge on state and assign the result back to state. In this case, affected versions of Tremor and the tremor-script...
CVE-2021-39228
CVE-2021-39228 affects Tremor 0.7.2–0.11.6, including the tremor-script crate. The issue is a memory-safety bug that occurs when using tremor-script’s patch or merge on the state and assigning the result back to state; the optimizer could modify the target in place, leaving references to memory t...
RUSTSEC-2021-0111 Memory Safety Issue when using `patch` or `merge` on `state` and assign the result back to `state`
Affected versions of this crate maintains references to memory that might have been freed already. If affects the following two tremor-script language constructs: A Merge where we assign the result back to the target expression and the expression to be merged needs to reference the event: let sta...
Memory Safety Issue when using `patch` or `merge` on `state` and assign the result back to `state`
Affected versions of this crate maintains references to memory that might have been freed already. If affects the following two tremor-script language constructs: A Merge where we assign the result back to the target expression and the expression to be merged needs to reference the event: let sta...