Lucene search
GoogleOSV:GHSA-W428-F65R-H4Q2HistoryJan 06, 2022 - 10:13 p.m.
Deserialization of Untrusted Data in rust-cpuid
2022-01-0622:13:12
Google
osv.dev
8
deserialization
untrusted data
memory corruption
panic
rust
serialize
validation
raw-cpuid
EPSS
0.002
Percentile
65.2%
An issue was discovered in the raw-cpuid crate before 9.1.1 for Rust. If the serialize feature is used (which is not the the default), a Deserialize operation may lack sufficient validation, leading to memory corruption or a panic.
Related
cve
cve
CVE-2021-45687
2021-12-27 00:15:09
osv
osv
Optional `Deserialize` implementations lacking validation
2021-01-20 12:00:00
Optional `Deserialize` implementations lacking validation
2022-06-17 00:16:24
nvd
nvd
CVE-2021-45687
2021-12-27 00:15:09
cnvd
cnvd
Rust raw-cpuid crate has an unspecified vulnerability
2021-12-28 00:00:00
github
github
Deserialization of Untrusted Data in rust-cpuid
2022-01-06 22:13:12
rustsec
rustsec
Optional `Deserialize` implementations lacking validation
2021-01-20 12:00:00
prion
prion
Memory corruption
2021-12-27 00:15:00
cvelist
cvelist
CVE-2021-45687
2021-12-26 21:51:59