GHSA-w428-f65r-h4q2

Source

https://github.com/advisories/GHSA-w428-f65r-h4q2

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/01/GHSA-w428-f65r-h4q2/GHSA-w428-f65r-h4q2.json

Aliases

• CVE-2021-45687
• GHSA-jf5h-cf95-w759
• RUSTSEC-2021-0089

Published

2022-01-06T22:13:12Z

Modified

2023-11-08T04:07:21.872047Z

Details

An issue was discovered in the raw-cpuid crate before 9.1.1 for Rust. If the serialize feature is used (which is not the the default), a Deserialize operation may lack sufficient validation, leading to memory corruption or a panic.

References

• https://nvd.nist.gov/vuln/detail/CVE-2021-45687
• https://github.com/gz/rust-cpuid/issues/43
• https://github.com/gz/rust-cpuid
• https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/raw-cpuid/RUSTSEC-2021-0089.md
• https://rustsec.org/advisories/RUSTSEC-2021-0089.html