An issue was discovered in the rkyv crate before 0.6.0 for Rust. When an archive is created via serialization, the archive content may contain uninitialized values of certain parts of a struct.
References
Link | Resource |
---|---|
https://rustsec.org/advisories/RUSTSEC-2021-0054.html | Third Party Advisory |
Configurations
History
12 Jul 2022, 17:42
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-909 |
09 May 2021, 03:39
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:rkyv_project:rkyv:*:*:*:*:*:rust:*:* | |
References | (MISC) https://rustsec.org/advisories/RUSTSEC-2021-0054.html - Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : 5.0
v3 : 7.5 |
CWE | CWE-772 |
30 Apr 2021, 03:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-04-30 03:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-31919
Mitre link : CVE-2021-31919
CVE.ORG link : CVE-2021-31919
JSON object : View
Products Affected
rkyv_project
- rkyv
CWE
CWE-909
Missing Initialization of Resource