Reported

September 3, 2020

Issued

October 1, 2020 (last modified: June 13, 2023)

Package

ordnung (crates.io)

Type

Vulnerability

Aliases

• CVE-2020-35890
• CVE-2020-35891
• GHSA-4wj3-p7hj-cvx8
• GHSA-qrwc-jxf5-g8x6

References

• https://github.com/maciejhirsz/ordnung/issues/8

CVSS Score

7.5 HIGH

CVSS Details

Attack vector

Network

Attack complexity

Low

Privileges required

None

User interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Patched

no patched versions

Description

compact::Vec contains multiple memory safety issues.

1. It mishandles large capacity and causes out-of-bound access in 32-bit / allocator layout mismatch in 64-bit.
2. remove() is not panic-safe and causes double-free when an index larger than the length is provided.

Advisory available under CC0-1.0 license.