rustsec/advisory-db
1
0
Fork 0
mirror of https://github.com/rustsec/advisory-db.git synced 2025-12-27 01:54:07 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
8c05fea5fa6e1776c015b855eebaa344d00e28a7
advisory-db/crates/alpm-rs/RUSTSEC-2020-0032.md
Alexis Mousset 8c05fea5fa Add cvss information from nvd (#1085)
2021-10-19 16:14:35 -06:00

552 B
Raw Blame History 

[advisory]
id = "RUSTSEC-2020-0032"
package = "alpm-rs"
aliases = ["CVE-2020-35885"]
cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
date = "2020-08-20"
informational = "unsound"
url = "https://github.com/pigeonhands/rust-arch/issues/2"

[versions]
patched = []

StrcCtx deallocates a memory region that it doesn't own

StrcCtx deallocate a memory region that it doesn't own when StrcCtx is created without using StrcCtx::new. This can introduce memory safety issues such as double-free and use-after-free to client programs.