Headline
CVE-2020-35872: Various memory safety issues › RustSec Advisory Database
An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated via the repr(Rust) type.
History ⋅ Edit
RUSTSEC-2020-0014
Various memory safety issues
Issued
April 23, 2020
Package
rusqlite (crates.io)
Type
Vulnerability
Aliases
- CVE-2020-35866
- CVE-2020-35867
- CVE-2020-35868
- CVE-2020-35869
- CVE-2020-35870
- CVE-2020-35871
- CVE-2020-35872
- CVE-2020-35873
Details
https://github.com/rusqlite/rusqlite/releases/tag/0.23.0
Patched
>=0.23.0
Affected Functions
Version
rusqlite::Connection::get_aux
<0.23.0
rusqlite::Connection::set_aux
<0.23.0
rusqlite::session::Session::attach
<0.23.0
rusqlite::session::Session::diff
<0.23.0
rusqlite::trace::log
<0.23.0
rusqlite::vtab::create_module
<0.23.0
Description
Several memory safety issues have been uncovered in an audit of rusqlite.
See https://github.com/rusqlite/rusqlite/releases/tag/0.23.0 for a complete list.