High severityNVD Advisory· Published Dec 26, 2021· Updated Nov 18, 2024
CVE-2018-25023
CVE-2018-25023
Description
An issue was discovered in the smallvec crate before 0.6.13 for Rust. It can create an uninitialized value of any type, including a reference type.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
smallveccrates.io | < 0.6.13 | 0.6.13 |
Affected products
4- rust/smallvecdescription
- ghsa-coords3 versionspkg:cargo/smallvecpkg:rpm/opensuse/cargo-c&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/zram-generator&distro=openSUSE%20Tumbleweed
< 0.6.13+ 2 more
- (no CPE)range: < 0.6.13
- (no CPE)range: < 0.8.1~git0.cce1b08-2.1
- (no CPE)range: < 1.1.1~git5.8612dbb-1.1
Patches
Vulnerability mechanics
References
7- github.com/advisories/GHSA-55m5-whcv-c49cghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-25023ghsaADVISORY
- github.com/servo/rust-smallvec/commit/e64afc8c473d43e375ab42bd33db2d0d4ac4e41bghsaWEB
- github.com/servo/rust-smallvec/issues/126ghsaWEB
- github.com/servo/rust-smallvec/pull/162ghsaWEB
- raw.githubusercontent.com/rustsec/advisory-db/main/crates/smallvec/RUSTSEC-2018-0018.mdghsaWEB
- rustsec.org/advisories/RUSTSEC-2018-0018.htmlghsaWEB
News mentions
0No linked articles in our index yet.