crates.io package
pyo3
pkg:cargo/pyo3
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-9979 | Med | 5.3 | >= 0.22.0, < 0.22.4 | 0.22.4 | Oct 15, 2024 | A flaw was found in PyO3. This vulnerability causes a use-after-free issue, potentially leading to memory corruption or crashes via unsound borrowing from weak Python references. | |
| CVE-2020-35917 | — | >= 0.12.0, < 0.12.4 | 0.12.4 | Dec 31, 2020 | An issue was discovered in the pyo3 crate before 0.12.4 for Rust. There is a reference-counting error and use-after-free in From<Py>. |
- affected >= 0.22.0, < 0.22.4fixed 0.22.4
A flaw was found in PyO3. This vulnerability causes a use-after-free issue, potentially leading to memory corruption or crashes via unsound borrowing from weak Python references.
- CVE-2020-35917Dec 31, 2020affected >= 0.12.0, < 0.12.4fixed 0.12.4
An issue was discovered in the pyo3 crate before 0.12.4 for Rust. There is a reference-counting error and use-after-free in From<Py>.