Vulnerability Details CVE-2021-26958
An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because transmutation to the wrong type can happen after xcb::base::cast_event uses std::mem::transmute to return a reference to an arbitrary type.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.1%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
Products affected by CVE-2021-26958
-
cpe:2.3:a:xcb_project:xcb:-
-
cpe:2.3:a:xcb_project:xcb:2020-12-10
-
cpe:2.3:a:xcb_project:xcb:2021-02-04