High severity7.5NVD Advisory· Published Mar 5, 2021· Updated Jun 17, 2026
CVE-2021-28036
CVE-2021-28036
Description
An issue was discovered in the quinn crate before 0.7.0 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
quinncrates.io | < 0.5.4 | 0.5.4 |
quinncrates.io | >= 0.6.0, < 0.6.2 | 0.6.2 |
Affected products
2- Rust/quinndescription
Patches
Vulnerability mechanics
References
4- rustsec.org/advisories/RUSTSEC-2021-0035.htmlnvdPatchThird Party AdvisoryWEB
- github.com/advisories/GHSA-fhv4-fx3v-77w6ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-28036ghsaADVISORY
- github.com/quinn-rs/quinn/issues/968ghsaWEB
News mentions
0No linked articles in our index yet.