An issue was discovered in the failure crate through 0.1.5 for Rust. It may introduce "compatibility hazards" in some applications, and has a type confusion flaw when downcasting. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: This may overlap CVE-2019-25010
References
Link | Resource |
---|---|
https://boats.gitlab.io/blog/post/failure-to-fehler/ | Exploit Third Party Advisory |
https://github.com/rust-lang-nursery/failure/issues/336 | Patch Third Party Advisory |
https://rustsec.org/advisories/RUSTSEC-2020-0036.html | Vendor Advisory |
Configurations
History
07 Nov 2023, 03:20
Type | Values Removed | Values Added |
---|---|---|
Summary | An issue was discovered in the failure crate through 0.1.5 for Rust. It may introduce "compatibility hazards" in some applications, and has a type confusion flaw when downcasting. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: This may overlap CVE-2019-25010 |
17 Aug 2023, 14:30
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:failure_project:failure:*:*:*:*:*:rust:*:* |
01 Jan 2022, 18:37
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://boats.gitlab.io/blog/post/failure-to-fehler/ - Exploit, Third Party Advisory |
02 Jan 2021, 05:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | ** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in the failure crate through 0.1.5 for Rust. It may introduce "compatibility hazards" in some applications, and has a type confusion flaw when downcasting. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: This may overlap CVE-2019-25010. |
01 Jan 2021, 18:15
Type | Values Removed | Values Added |
---|---|---|
Summary | ** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in the failure crate through 0.1.5 for Rust. It has a type confusion flaw when downcasting. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: This may overlap CVE-2019-25010. |
Information
Published : 2020-09-14 19:15
Updated : 2024-04-11 01:08
NVD link : CVE-2020-25575
Mitre link : CVE-2020-25575
CVE.ORG link : CVE-2020-25575
JSON object : View
Products Affected
failure_project
- failure
CWE
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')