Moderate severityNVD Advisory· Published Dec 31, 2020· Updated Aug 4, 2024
CVE-2020-35920
CVE-2020-35920
Description
An issue was discovered in the socket2 crate before 0.3.16 for Rust. It has false expectations about the std::net::SocketAddr memory representation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
socket2crates.io | < 0.3.16 | 0.3.16 |
net2crates.io | < 0.2.36 | 0.2.36 |
Affected products
3- Rust/socket2description
- ghsa-coords2 versions
< 0.2.36+ 1 more
- (no CPE)range: < 0.2.36
- (no CPE)range: < 0.3.16
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-458v-4hrf-g3m4ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-35920ghsaADVISORY
- github.com/deprecrated/net2-rs/issues/105ghsaWEB
- github.com/rust-lang/socket2-rs/issues/119ghsaWEB
- rustsec.org/advisories/RUSTSEC-2020-0078.htmlghsaWEB
- rustsec.org/advisories/RUSTSEC-2020-0079.htmlghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.