CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.
Configurations

Configuration 1

cpe:2.3:a:rust-lang:rust:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:34:*:*:*:*:*:*:*

Information

Published : 2021-04-14 07:15

Updated : 2021-04-27 02:37


NVD link : CVE-2020-36323

Mitre link : CVE-2020-36323

Products Affected
No products.
CWE
CWE-134

Use of Externally-Controlled Format String