An issue was discovered in the anymap crate through 0.12.1 for Rust. It violates soundness via conversion of a *u8 to a *u64.
References
Link | Resource |
---|---|
https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/anymap/RUSTSEC-2021-0065.md | Third Party Advisory |
https://rustsec.org/advisories/RUSTSEC-2021-0065.html | Exploit Issue Tracking Patch Third Party Advisory |
Configurations
History
16 Aug 2021, 18:16
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
References | (MISC) https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/anymap/RUSTSEC-2021-0065.md - Third Party Advisory | |
References | (MISC) https://rustsec.org/advisories/RUSTSEC-2021-0065.html - Exploit, Issue Tracking, Patch, Third Party Advisory | |
CWE | CWE-681 | |
CPE | cpe:2.3:a:anymap_project:anymap:*:*:*:*:*:rust:*:* |
08 Aug 2021, 06:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-08-08 06:15
Updated : 2023-12-10 13:55
NVD link : CVE-2021-38187
Mitre link : CVE-2021-38187
CVE.ORG link : CVE-2021-38187
JSON object : View
Products Affected
anymap_project
- anymap
CWE
CWE-681
Incorrect Conversion between Numeric Types