vulnerability

Oracle Linux: CVE-2020-36317: ELSA-2021-1935: rust-toolset:ol8 security, bug fix, and enhancement update (LOW) (Multiple Advisories)

Try Surface Command
Back to search
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:P/A:N)
Published
2020-10-28
Added
2021-05-26
Modified
2024-11-29

Description

In the standard library in Rust before 1.49.0, String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the same string.

Solution(s)

oracle-linux-upgrade-cargooracle-linux-upgrade-cargo-docoracle-linux-upgrade-clippyoracle-linux-upgrade-rlsoracle-linux-upgrade-rustoracle-linux-upgrade-rust-analysisoracle-linux-upgrade-rust-debugger-commonoracle-linux-upgrade-rust-docoracle-linux-upgrade-rustfmtoracle-linux-upgrade-rust-gdboracle-linux-upgrade-rust-lldboracle-linux-upgrade-rust-srcoracle-linux-upgrade-rust-std-staticoracle-linux-upgrade-rust-toolset

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today