Vulnerability Database
Blog
FAQ
Docs
GHSA-x54v-qxxr-93qc
Source
https://github.com/advisories/GHSA-x54v-qxxr-93qc
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-x54v-qxxr-93qc/GHSA-x54v-qxxr-93qc.json
Aliases
CVE-2020-25791
CVE-2020-25792
CVE-2020-25793
CVE-2020-25794
CVE-2020-25795
CVE-2020-25796
GHSA-64gv-qg2v-vxv6
GHSA-9p9m-9xww-qjcx
GHSA-fqpx-cq8x-9wp4
GHSA-mp6f-p9gp-vpj9
GHSA-rfgg-vccr-m46m
RUSTSEC-2020-0041
Published
2021-08-25T20:45:01Z
Modified
2024-03-15T00:05:17.938691Z
Summary
Missing release of memory in sized-chunks
Details
Chunk:
Array size is not checked when constructed with unit() and pair().
Array size is not checked when constructed with From<InlineArray<A, T>>.
Clone and insert_from are not panic-safe; A panicking iterator causes memory safety issues with them.
InlineArray:
Generates unaligned references for types with a large alignment requirement.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-25795
https://github.com/bodil/sized-chunks/issues/11
https://github.com/bodil/sized-chunks
https://rustsec.org/advisories/RUSTSEC-2020-0041.html
Affected packages
crates.io
/
sized-chunks
Package
Name
sized-chunks
Affected ranges
Type
SEMVER
Events
Introduced
0
The exact introduced commit is unknown
Fixed
0.6.3
GHSA-x54v-qxxr-93qc - OSV