PT-2020-17509 · Rust · Ozone Crate

Published

2020-07-04

Updated

2021-08-25

CVE-2020-35877

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions ozone crate versions through 0.1.0 ozone crate versions through 2020-07-04

Description An issue was discovered in the ozone crate for Rust, where memory safety is violated due to out-of-bounds access and the dropping of uninitialized memory.

Recommendations For ozone crate versions through 0.1.0, consider updating to a version that addresses the memory safety issues. For ozone crate versions through 2020-07-04, consider updating to a version that addresses the memory safety issues. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Buffer Overflow

Use of Uninitialized Resource

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119CWE-908

Related Identifiers

CVE-2020-35877

GHSA-M3WW-7HRP-GW9W

GHSA-P2Q9-9CQ6-H3JW

RUSTSEC-2020-0022

Affected Products

Ozone Crate

PT-2020-17509 · Rust · Ozone Crate

CVE-2020-35877

Weakness Enumeration

Related Identifiers

Affected Products

References · 11