logo

Advisories

Weaknesses

Fixes

Requirements

Compliance

CVE-2020-35871 rusqlite

Package

Manager: cargo
Name: rusqlite
Vulnerable Version: >=0 <0.23.0

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS: 0.00336 pctl0.55788

Details

Data races in rusqlite An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated via an Auxdata API data race.

Metadata

Created: 2021-08-25T20:46:59Z
Modified: 2021-08-19T21:18:47Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/08/GHSA-rjh8-p66p-jrh5/GHSA-rjh8-p66p-jrh5.json
CWE IDs: ["CWE-362"]
Alternative ID: GHSA-rjh8-p66p-jrh5
Finding: F124
Auto approve: 1