Moderate severityNVD Advisory· Published Aug 26, 2019· Updated Aug 5, 2024
CVE-2018-20992
CVE-2018-20992
Description
An issue was discovered in the claxon crate before 0.4.1 for Rust. Uninitialized memory can be exposed because certain decode buffer sizes are mishandled.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
claxoncrates.io | >= 0.4.0, < 0.4.1 | 0.4.1 |
claxoncrates.io | < 0.3.2 | 0.3.2 |
Affected products
2- Rust/claxon cratedescription
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-8c6g-4xc5-w96cghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-20992ghsaADVISORY
- github.com/ruuda/claxon/commit/8f28ec275e412dd3af4f3cda460605512faf332cghsaWEB
- github.com/ruuda/claxon/releases/tag/v0.3.2ghsaWEB
- github.com/ruuda/claxon/releases/tag/v0.4.1ghsaWEB
- rustsec.org/advisories/RUSTSEC-2018-0004.htmlghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.