High severityNVD Advisory· Published Dec 26, 2021· Updated Aug 4, 2024
CVE-2021-45702
CVE-2021-45702
Description
An issue was discovered in the tremor-script crate before 0.11.6 for Rust. A merge operation may result in a use-after-free.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
tremor-scriptcrates.io | >= 0.7.2, < 0.11.6 | 0.11.6 |
Affected products
2- rust/tremor-scriptdescription
Patches
Vulnerability mechanics
References
6- github.com/advisories/GHSA-9qvw-46gf-4fv8ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-45702ghsaADVISORY
- github.com/tremor-rs/tremor-runtime/commit/1a2efcdbe68e5e7fd0a05836ac32d2cde78a0b2eghsaWEB
- github.com/tremor-rs/tremor-runtime/pull/1217ghsaWEB
- raw.githubusercontent.com/rustsec/advisory-db/main/crates/tremor-script/RUSTSEC-2021-0111.mdghsax_refsource_MISCWEB
- rustsec.org/advisories/RUSTSEC-2021-0111.htmlghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.