PT-2019-14540 · Rust · Generator Crate

Publicado

2019-09-06

Atualizado

2021-08-25

CVE-2019-16144

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions generator crate versions prior to 0.6.18

Description The issue arises from the use of uninitialized memory by Scope, done, and yield during API calls. This can lead to undefined behavior (UB) in certain cases, such as using the API in a non-generator context.

Recommendations For versions prior to 0.6.18, update to version 0.6.18 or later to resolve the issue. As a temporary workaround, consider avoiding the use of affected APIs in non-generator contexts until the update is applied.

Correção

Use of Uninitialized Resource

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-908

Identificadores relacionados

CVE-2019-16144

GHSA-6C65-XCF5-299X

RUSTSEC-2019-0020

Produtos afetados

Generator Crate

PT-2019-14540 · Rust · Generator Crate

CVE-2019-16144

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 11