Vulnerability Details CVE-2020-36514
An issue was discovered in the acc_reader crate through 2020-12-27 for Rust. fill_buf may read from uninitialized memory locations.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 62.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/acc_reader/RUSTSEC-2020-0155.md
- https://rustsec.org/advisories/RUSTSEC-2020-0155.html
- https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/acc_reader/RUSTSEC-2020-0155.md
- https://rustsec.org/advisories/RUSTSEC-2020-0155.html
Products affected by CVE-2020-36514
-
cpe:2.3:a:acc_reader_project:acc_reader:-
-
cpe:2.3:a:acc_reader_project:acc_reader:1.0.0
-
cpe:2.3:a:acc_reader_project:acc_reader:2.0.0