GHSA-3vv3-frrq-6486

Suggest an improvement
Source
https://github.com/advisories/GHSA-3vv3-frrq-6486
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-3vv3-frrq-6486/GHSA-3vv3-frrq-6486.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-3vv3-frrq-6486
Aliases
Published
2021-08-25T20:59:20Z
Modified
2023-11-08T04:03:44.476394Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
Use of Uninitialized Resource in alg_ds
Details

An issue was discovered in the alg_ds crate through 2020-08-25 for Rust. Matrix::new() internally calls Matrix::fill_with() which uses *ptr = value pattern to initialize the buffer. This pattern assumes that there is an initialized struct at the address and drops it, which results in dropping of uninitialized struct.

References

Affected packages

crates.io / alg_ds

Package

Affected ranges

Type
SEMVER
Events
Introduced
0Unknown introduced version / All previous versions are affected
Last affected
0.3.1