- Reported
-
- Issued
-
- Package
- tokio-postgres (crates.io)
- Type
- Vulnerability
- Categories
-
- Keywords
- #datarow
- References
-
- CVSS Score
- 6.9 (MEDIUM)
- CVSS Details
-
- Attack Complexity
- Low
- Attack Requirements
- None
- Attack Vector
- Network
- Privileges Required
- None
- Availability Impact to the Subsequent System
- None
- Confidentiality Impact to the Subsequent System
- None
- Integrity Impact to the Subsequent System
- None
- User Interaction
- None
- Availability Impact to the Vulnerable System
- Low
- Confidentiality Impact to the Vulnerable System
- None
- Integrity Impact to the Vulnerable System
- None
- CVSS Vector
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
- Patched
-
- Unaffected
-
- Affected Functions
tokio_postgres::Row::get
tokio_postgres::Row::try_get
tokio_postgres::SimpleQueryRow::get
tokio_postgres::SimpleQueryRow::try_get
Description
A malicious or compromised server can send a DataRow message containing fewer
fields than the preceding RowDescription declares columns. Reading one of the
missing columns then panics with an out-of-bounds index, aborting the calling
task. The panic occurs inside the row accessor regardless of which entry point is
used: it affects even the otherwise non-panicking try_get, and both Row and
SimpleQueryRow. Applications that connect only to a trusted database are not
exposed; the risk applies to clients that may connect to untrusted or
user-supplied servers (for example, a service that accepts a database URL from
its users), or whose connection can be intercepted by a man-in-the-middle, which
in practice means connections made without TLS or without verifying the server
certificate.
Advisory available under CC0-1.0 license.