Critical severityNVD Advisory· Published Aug 8, 2021· Updated Aug 4, 2024
CVE-2020-36443
CVE-2020-36443
Description
An issue was discovered in the libp2p-deflate crate before 0.27.1 for Rust. An uninitialized buffer is passed to AsyncRead::poll_read(), which is a user-provided trait function.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
libp2p-deflatecrates.io | < 0.27.1 | 0.27.1 |
Affected products
2- Rust/libp2p-deflatedescription
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-gvcp-948f-8f2pghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-36443ghsaADVISORY
- raw.githubusercontent.com/rustsec/advisory-db/main/crates/libp2p-deflate/RUSTSEC-2020-0123.mdmitrex_refsource_MISC
- rustsec.org/advisories/RUSTSEC-2020-0123.htmlghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.