Vulnerability Details CVE-2020-36465
An issue was discovered in the generic-array crate before 0.13.3 for Rust. It violates soundness by using the arr! macro to extend lifetimes.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 51.0%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/generic-array/RUSTSEC-2020-0146.md
- https://rustsec.org/advisories/RUSTSEC-2020-0146.html
- https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/generic-array/RUSTSEC-2020-0146.md
- https://rustsec.org/advisories/RUSTSEC-2020-0146.html
Products affected by CVE-2020-36465
-
cpe:2.3:a:generic-array_project:generic-array:0.10.0
-
cpe:2.3:a:generic-array_project:generic-array:0.11.0
-
cpe:2.3:a:generic-array_project:generic-array:0.11.1
-
cpe:2.3:a:generic-array_project:generic-array:0.12.0
-
cpe:2.3:a:generic-array_project:generic-array:0.12.1
-
cpe:2.3:a:generic-array_project:generic-array:0.12.2
-
cpe:2.3:a:generic-array_project:generic-array:0.12.3
-
cpe:2.3:a:generic-array_project:generic-array:0.13.0
-
cpe:2.3:a:generic-array_project:generic-array:0.13.1
-
cpe:2.3:a:generic-array_project:generic-array:0.13.2
-
cpe:2.3:a:generic-array_project:generic-array:0.8.0
-
cpe:2.3:a:generic-array_project:generic-array:0.8.1
-
cpe:2.3:a:generic-array_project:generic-array:0.8.2
-
cpe:2.3:a:generic-array_project:generic-array:0.8.3
-
cpe:2.3:a:generic-array_project:generic-array:0.9.0