VYPR
Critical severityNVD Advisory· Published Jan 29, 2021· Updated Aug 3, 2024

CVE-2021-26305

CVE-2021-26305

Description

An issue was discovered in Deserializer::read_vec in the cdr crate before 0.2.4 for Rust. A user-provided Read implementation can gain access to the old contents of newly allocated heap memory, violating soundness.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
cdrcrates.io
< 0.2.40.2.4

Affected products

2
  • cdr crate/cdr cratedescription
  • ghsa-coords
    Range: < 0.2.4

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.