crates.io package

tremor-script

pkg:cargo/tremor-script

Vulnerabilities (3)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2021-45701	—	>= 0.7.2, < 0.11.6	0.11.6	Dec 26, 2021	An issue was discovered in the tremor-script crate before 0.11.6 for Rust. A patch operation may result in a use-after-free.
CVE-2021-45702	—	>= 0.7.2, < 0.11.6	0.11.6	Dec 26, 2021	An issue was discovered in the tremor-script crate before 0.11.6 for Rust. A merge operation may result in a use-after-free.
CVE-2021-39228	—	>= 0.7.3, < 0.11.6	0.11.6	Sep 17, 2021	Tremor is an event processing system for unstructured data. A vulnerability exists between versions 0.7.2 and 0.11.6. This vulnerability is a memory safety Issue when using `patch` or `merge` on `state` and assign the result back to `state`. In this case, affected versions of Tre

CVE-2021-45701Dec 26, 2021
affected >= 0.7.2, < 0.11.6fixed 0.11.6
An issue was discovered in the tremor-script crate before 0.11.6 for Rust. A patch operation may result in a use-after-free.
CVE-2021-45702Dec 26, 2021
affected >= 0.7.2, < 0.11.6fixed 0.11.6
An issue was discovered in the tremor-script crate before 0.11.6 for Rust. A merge operation may result in a use-after-free.
CVE-2021-39228Sep 17, 2021
affected >= 0.7.3, < 0.11.6fixed 0.11.6
Tremor is an event processing system for unstructured data. A vulnerability exists between versions 0.7.2 and 0.11.6. This vulnerability is a memory safety Issue when using `patch` or `merge` on `state` and assign the result back to `state`. In this case, affected versions of Tre