Home > Vulnerability Database > WS-2019-0116

Mend.io Vulnerability Database

WS-2019-0116

Good to know:

Date: May 7, 2019

In slice-deque before 0.2.0, a bug in SliceDeque::move_head_unchecked allows an attacker that controls controls both element insertion and removal to corrupt the deque, such that reading elements from it would read bytes corresponding to other elements in the deque.

Language: RUST

Severity Score

5.1

Related Resources (3)

Url: https://github.com/gnzlbg/slice_deque/pull/58/commits/70c87a49451c4dfcb170461ad9c55fe2f104b7b4

Url: https://github.com/gnzlbg/slice_deque/issues/57

Url: https://www.mend.io/vulnerability-database/WS-2019-0116

Severity Score

5.1

Weakness Type (CWE)

Out-of-bounds Read

CWE-125

Top Fix

Upgrade Version

Upgrade to version 0.2.0

Learn More

CVSS v3.1

Base Score:	5.1
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

WS-2019-0116

Good to know:

Date: May 7, 2019

Language: RUST

Severity Score

Related Resources (3)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?