PT-2021-18731 · Outer Cgi · Outer Cgi

Solrabizna · Published 2021-01-31 · Updated 2021-08-25 · CVE-2021-30454

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

outer_cgi crate versions prior to 0.2.1

Description

An issue in the outer_cgi crate allows a user-provided Read instance to receive an uninitialized memory buffer from KeyValueReader. This can cause the Read instance to read uninitialized memory, leading to undefined behavior and miscompilations.

Recommendations

For outer_cgi crate versions prior to 0.2.1, update to version 0.2.1 or later, which fixes the issue by ensuring buffers are zero-initialized before being passed to the Read instance.
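
The contrast between the affected pattern and the fix, as an added Rust example that is not the outer_cgi crate's own code. PeekingReader, read_value_uninit and read_value_zeroed are hypothetical names, and the input bytes are constructed.

```rust
use std::io::{self, Read};

// Constructed reader: looks at the caller's buffer before filling it, which
// safe code implementing Read is free to do.
struct PeekingReader<'a> {
    data: &'a [u8],
    nonzero_seen: usize,
}

impl Read for PeekingReader<'_> {
    fn read(&mut self, buf: &mut [u8]) -> io::Result<usize> {
        self.nonzero_seen += buf.iter().filter(|&&b| b != 0).count();
        let n = self.data.len().min(buf.len());
        buf[..n].copy_from_slice(&self.data[..n]);
        self.data = &self.data[n..];
        Ok(n)
    }
}

// Unsound pattern (hypothetical helper, shown for contrast and never called):
// the reader receives a slice over uninitialized memory.
#[allow(dead_code)]
fn read_value_uninit<R: Read>(r: &mut R, len: usize) -> io::Result<Vec<u8>> {
    let mut buf: Vec<u8> = Vec::with_capacity(len);
    unsafe { buf.set_len(len) }; // bytes are uninitialized here
    r.read_exact(&mut buf)?;
    Ok(buf)
}

// Hardened pattern: zero-initialize before handing the buffer to the reader.
fn read_value_zeroed<R: Read>(r: &mut R, len: usize) -> io::Result<Vec<u8>> {
    let mut buf = vec![0u8; len];
    r.read_exact(&mut buf)?;
    Ok(buf)
}

fn main() -> io::Result<()> {
    // Constructed 12-byte input.
    let mut r = PeekingReader { data: b"QUERY_STRING", nonzero_seen: 0 };
    let v = read_value_zeroed(&mut r, 12)?;
    println!("{:?}, nonzero bytes seen by reader: {}", String::from_utf8_lossy(&v), r.nonzero_seen);
    Ok(())
}
```

With the zeroed buffer, a reader that inspects its argument only ever observes zeros, including on a short read that ends in an UnexpectedEof error.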

Fix

Buffer Overflow

Weakness Enumeration

Related Identifiers

CVE-2021-30454
GHSA-6VMQ-JH76-HQ43
RUSTSEC-2021-0051

Affected Products

Outer Cgi