CVE-2021-45695

EUVD-2022-0425
An issue was discovered in the mopa crate through 2021-06-01 for Rust. It incorrectly relies on Trait memory layout, possibly leading to future occurrences of arbitrary code execution or ASLR bypass.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 75%
Affected Products (NVD)
VendorProductVersion
mopa_projectmopa
𝑥
≤ 0.2.2
𝑥
= Vulnerable software versions
References
https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/mopa/RUSTSEC-2021-0095.md
https://rustsec.org/advisories/RUSTSEC-2021-0095.html
https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/mopa/RUSTSEC-2021-0095.md
https://rustsec.org/advisories/RUSTSEC-2021-0095.html