Home > Vulnerability Database > WS-2019-0505

Mend.io Vulnerability Database

WS-2019-0505

Good to know:

Date: April 19, 2019

Affected versions of this crate violated alignment when casting byte slices to integer slices, resulting in undefined behavior. The flaw was corrected by Ralf Jung and Diggory Hardy.

Language: RUST

Severity Score

5.5

Related Resources (2)

Url: https://github.com/rust-random/rand/commit/7895ad4f655325141e55a3ec9fae87dab3d9014f

Url: https://www.mend.io/vulnerability-database/WS-2019-0505

Severity Score

5.5

Weakness Type (CWE)

Reliance on Undefined, Unspecified, or Implementation-Defined Behavior

CWE-758

Top Fix

Upgrade Version

Upgrade to version rand_core-0.4.2

Learn More

CVSS v3.1

Base Score:	5.5
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

WS-2019-0505

Good to know:

Date: April 19, 2019

Language: RUST

Severity Score

Related Resources (2)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?