CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Calamine Project: Security Vulnerabilities

CVE-2021-26951

An issue was discovered in the calamine crate before 0.17.0 for Rust. It allows attackers to overwrite heap-memory locations because Vec::set_len is used without proper memory claiming, and this uninitialized memory is used for a user-provided Read operation, as demonstrated by Sectors::get.

CVSS Score

9.8

EPSS Score

0.005

Published

2021-02-09

Page 1

Vulnerabilities

Vulnerable Software

Calamine Project: Security Vulnerabilities

Products

Pricing

Contact Us