7.5
CVE-2021-31919
- EPSS 1.08%
- Veröffentlicht 30.04.2021 03:15:07
- Zuletzt bearbeitet 21.11.2024 06:06:30
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginAn issue was discovered in the rkyv crate before 0.6.0 for Rust. When an archive is created via serialization, the archive content may contain uninitialized values of certain parts of a struct.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Rkyv Project ≫ Rkyv SwPlatformrust Version < 0.6.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.08% | 0.607 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-909 Missing Initialization of Resource
The product does not initialize a critical resource.
https://rustsec.org/advisories/RUSTSEC-2021-0054.html