CVE-2021-25900

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-25900

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-25900.json

Aliases

GHSA-43w2-9j62-hq99
RUSTSEC-2021-0003

Published

2021-01-26T18:16:22Z

Modified

2023-11-29T08:43:55.055014Z

Details

An issue was discovered in the smallvec crate before 0.6.14 and 1.x before 1.6.1 for Rust. There is a heap-based buffer overflow in SmallVec::insert_many.

References

https://rustsec.org/advisories/RUSTSEC-2021-0003.html

Affected packages

Git / github.com/servo/rust-smallvec

Affected ranges

Type: GIT
Repo: https://github.com/servo/rust-smallvec
Events: Introduced

34c26282c41548b3bd3749b7f4bc38c4fd1f4cfb

Fixed

4e53e072808815ed6b847c77193c568ee076c29d

Introduced

fcb1b7e99a2a98d928983af78a494ef566cbde8b

Affected versions

v1.*

v1.0.0

v1.1.0

v1.2.0

v1.3.0

v1.4.0

v1.4.1

v1.4.2

v1.5.0

v1.5.1

v1.6.0