RUSTSEC-2019-0020

Source
https://rustsec.org/advisories/RUSTSEC-2019-0020
Import Source
https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2019-0020.json
JSON Data
https://api.osv.dev/v1/vulns/RUSTSEC-2019-0020
Aliases
Published
2019-09-06T12:00:00Z
Modified
2023-11-08T04:01:16.467319Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
fix unsound APIs that could lead to UB
Details

Affected versions of this crate API could use uninitialized memory with some APIs in special cases, like use the API in none generator context. This could lead to UB. The flaw was corrected by https://github.com/Xudong-Huang/generator-rs/issues/9 https://github.com/Xudong-Huang/generator-rs/issues/11 https://github.com/Xudong-Huang/generator-rs/issues/13 https://github.com/Xudong-Huang/generator-rs/issues/14
This patch fixes all those issues above.

Database specific
{
    "license": "CC0-1.0"
}
References

Affected packages

crates.io / generator

Package

Affected ranges

Type
SEMVER
Events
Introduced
0.0.0-0
Fixed
0.6.18

Ecosystem specific

{
    "affected_functions": null,
    "affects": {
        "os": [],
        "functions": [],
        "arch": []
    }
}

Database specific

{
    "cvss": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
    "informational": null,
    "categories": []
}