PT-2019-14540 · Rust · Generator Crate

Published

2019-09-06

Updated

2021-08-25

CVE-2019-16144

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions generator crate versions prior to 0.6.18

Description The issue arises from the use of uninitialized memory by Scope, done, and yield during API calls. This can lead to undefined behavior (UB) in certain cases, such as using the API in a non-generator context.

Recommendations For versions prior to 0.6.18, update to version 0.6.18 or later to resolve the issue. As a temporary workaround, consider avoiding the use of affected APIs in non-generator contexts until the update is applied.

Fix

Use of Uninitialized Resource

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-908

Related Identifiers

CVE-2019-16144

GHSA-6C65-XCF5-299X

RUSTSEC-2019-0020

Affected Products

Generator Crate

PT-2019-14540 · Rust · Generator Crate

CVE-2019-16144

Weakness Enumeration

Related Identifiers

Affected Products

References · 11