2 matches found
CVE-2020-11105
CVE-2020-11105 affects USC iLab cereal up to version 1.3.0, where serialization fidelity of std::shared_ptrs can be broken because the library caches shared_ptr raw addresses as identifiers. When a shared_ptr goes out of scope and a new one is allocated at the same address, serialized values may ...
CVE-2020-11104
CVE-2020-11104 affects USC iLab cereal up to version 1.3.0. Its serialization of an initialized long double into BinaryArchive/PortableBinaryArchive leaks several bytes of stack/heap memory, enabling leakage of sensitive information (memory layout or private keys) if the archive is distributed in...