Vulnerability Details CVE-2018-25028
An issue was discovered in the libpulse-binding crate before 1.2.1 for Rust. get_context can cause a use-after-free.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.1%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/libpulse-binding/RUSTSEC-2018-0021.md
- https://rustsec.org/advisories/RUSTSEC-2018-0021.html
- https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/libpulse-binding/RUSTSEC-2018-0021.md
- https://rustsec.org/advisories/RUSTSEC-2018-0021.html
Products affected by CVE-2018-25028
-
cpe:2.3:a:libpulse-binding_project:libpulse-binding:1.0.5
-
cpe:2.3:a:libpulse-binding_project:libpulse-binding:1.1.0
-
cpe:2.3:a:libpulse-binding_project:libpulse-binding:1.2.0