6.5
CVE-2018-20992
- EPSS 0.3%
- Veröffentlicht 26.08.2019 13:15:11
- Zuletzt bearbeitet 21.11.2024 04:02:38
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginAn issue was discovered in the claxon crate before 0.4.1 for Rust. Uninitialized memory can be exposed because certain decode buffer sizes are mishandled.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Claxon Project ≫ Claxon Version >= 0.2.0 <= 0.3.1
Claxon Project ≫ Claxon Version0.4.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.3% | 0.53 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2.8 | 3.6 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|
CWE-908 Use of Uninitialized Resource
The product uses or accesses a resource that has not been initialized.