CVE-2020-36323 - log

CVE-2020-36323 edited at 07 May 2021 07:32:00
Description
- In the standard library in Rust before 1.50.3, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.
+ In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.
References
https://github.com/rust-lang/rust/issues/80335
https://github.com/rust-lang/rust/pull/81728
- https://github.com/rust-lang/rust/commit/5208f63ba8ec70a2a7a074d7ecd59a94693286fc
+ https://github.com/rust-lang/rust/commit/2fefd9ad07122a4cf1329d52f7c5fe7ccd0893c9
CVE-2020-36323 edited at 14 Apr 2021 11:30:34
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Information disclosure
Description
+ In the standard library in Rust before 1.50.3, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.
References
+ https://github.com/rust-lang/rust/issues/80335
+ https://github.com/rust-lang/rust/pull/81728
+ https://github.com/rust-lang/rust/commit/5208f63ba8ec70a2a7a074d7ecd59a94693286fc
CVE-2020-36323 created at 14 Apr 2021 11:29:20
Severity
+ Unknown
Remote
+ Unknown
Type
+ Unknown
Description
References
Notes