RUSTSEC-2020-0159

Source
https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2020-0159.json
Published
2020-11-10T12:00:00Z
Modified
2022-08-04T19:52:46Z
Details

Impact

Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library.

Workarounds

No workarounds are known.

References

References

Affected packages

crates.io / chrono

chrono

Affected ranges

Type
SEMVER
Events
Introduced
0.0.0-0
Fixed
0.4.20

Affected versions

Ecosystem specific

{
    "affects": {
        "arch": [],
        "os": [],
        "functions": []
    }
}

Database specific

{
    "informational": null,
    "cvss": null,
    "categories": [
        "code-execution",
        "memory-corruption"
    ]
}