CVE-2020-36323

Description


In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.

References


PatchThird Party Advisory

PatchThird Party Advisory

PatchThird Party Advisory

Mailing ListThird Party Advisory

PatchThird Party Advisory

Mailing ListThird Party Advisory

Mailing ListThird Party Advisory

CvssV3 impact


BaseSeverity

HIGH

ConfidentialityImpact

LOW

AttackComplexity

LOW

Scope

UNCHANGED

AttackVector

NETWORK

AvailabilityImpact

HIGH

IntegrityImpact

NONE

PrivilegesRequired

NONE

BaseScore

8.2

VectorString

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Version

3.1

UserInteraction

NONE

CvssV2 impact


AccessComplexity

LOW

ConfidentialityImpact

PARTIAL

AvailabilityImpact

PARTIAL

IntegrityImpact

NONE

BaseScore

6.4

VectorString

AV:N/AC:L/Au:N/C:P/I:N/A:P

Version

2.0

AccessVector

NETWORK

Authentication

NONE