Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:RUSTSEC-2021-0068
HistoryMay 19, 2021 - 12:00 p.m.

Soundness issue in `iced-x86` versions <= 1.10.3

2021-05-1912:00:00
Google
osv.dev
6
soundness
iced-x86
versions
undefined behavior
crates
decoder
flaw
fix
input buffer
github.

EPSS

0.003

Percentile

68.2%

JSON

Versions of iced-x86 <= 1.10.3 invoke undefined behavior which may cause soundness
issues in crates using the iced_x86::Decoder struct. The Decoder::new() function
made a call to slice.get_unchecked(slice.length()) to get the end position of
the input buffer. The flaw was fixed with safe logic that does not invoke undefined
behavior.

More details can be found at <https://github.com/icedland/iced/issues/168&gt;.

Related

osv 1
prion 1
github 1
rustsec 1
cve 1
cnvd 1
cvelist 1
nvd 1
osv
osv
Incorrect buffer size calculation in iced-x86
2021-08-25 20:55:47
prion
prion
Code injection
2021-08-08 06:15:00
github
github
Incorrect buffer size calculation in iced-x86
2021-08-25 20:55:47
rustsec
rustsec
Soundness issue in `iced-x86` versions <= 1.10.3
2021-05-19 12:00:00
cve
cve
CVE-2021-38188
2021-08-08 06:15:08
cnvd
cnvd
Mozilla Rust has an unspecified vulnerability (CNVD-2021-61408)
2021-08-10 00:00:00
cvelist
cvelist
CVE-2021-38188
2021-08-08 05:10:26
nvd
nvd
CVE-2021-38188
2021-08-08 06:15:08

EPSS

0.003

Percentile

68.2%

JSON
Related for OSV:RUSTSEC-2021-0068
osv1prion1github1rustsec1cve1cnvd1cvelist1nvd1