Servo: >> Smallvec Security Vulnerabilities
An issue was discovered in the smallvec crate before 0.6.13 for Rust. It can create an uninitialized value of any type, including a reference type.
CVSS Score
7.5
EPSS Score
0.002
Published
2021-12-27
An issue was discovered in the smallvec crate before 0.6.14 and 1.x before 1.6.1 for Rust. There is a heap-based buffer overflow in SmallVec::insert_many.
CVSS Score
9.8
EPSS Score
0.005
Published
2021-01-26
An issue was discovered in the smallvec crate before 0.6.10 for Rust. There is a double free for certain grow attempts with the current capacity.
CVSS Score
9.8
EPSS Score
0.004
Published
2019-08-26
An issue was discovered in the smallvec crate before 0.6.10 for Rust. There is memory corruption for certain grow attempts with less than the current capacity.
CVSS Score
9.8
EPSS Score
0.002
Published
2019-08-26
An issue was discovered in the smallvec crate before 0.6.3 for Rust. The Iterator implementation mishandles destructors, leading to a double free.
CVSS Score
9.8
EPSS Score
0.004
Published
2019-08-26