CVE-2021-45695

An issue was discovered in the mopa crate through 2021-06-01 for Rust. It incorrectly relies on Trait memory layout, possibly leading to future occurrences of arbitrary code execution or ASLR bypass.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 74%
VendorProductVersion
mopa_projectmopa
𝑥
≤ 0.2.2
𝑥
= Vulnerable software versions
References
https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/mopa/RUSTSEC-2021-0095.md
https://rustsec.org/advisories/RUSTSEC-2021-0095.html
https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/mopa/RUSTSEC-2021-0095.md
https://rustsec.org/advisories/RUSTSEC-2021-0095.html