GHSA-x76r-966h-5qv9

Source

https://github.com/advisories/GHSA-x76r-966h-5qv9

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/01/GHSA-x76r-966h-5qv9/GHSA-x76r-966h-5qv9.json

Aliases

CVE-2021-45680
GHSA-jmwx-r3gq-qq3p
RUSTSEC-2021-0082

Published

2022-01-06T22:15:56Z

Modified

2023-11-08T04:07:21.429742Z

Details

An issue was discovered in the vec-const crate before 2.0.0 for Rust. It tries to construct a Vec from a pointer to a const slice, leading to memory corruption.

References

https://nvd.nist.gov/vuln/detail/CVE-2021-45680
https://github.com/Eolu/vec-const/issues/1#issuecomment-898908241
https://github.com/Eolu/vec-const
https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/vec-const/RUSTSEC-2021-0082.md
https://rustsec.org/advisories/RUSTSEC-2021-0082.html

Affected packages

crates.io / vec-const

Package

Name: vec-const

Affected ranges

Type: SEMVER
Events: Introduced

0The exact introduced commit is unknown

Fixed

2.0.0