CVE-2020-36323

Published April 14th, 2021

View on NVD ↗

CVSS v3

8.2

HIGH

CVSS v2

6.4

MEDIUM

Affected

PROJECT

Description

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.

rust-lang/rust

Empowering everyone to build reliable and efficient software.

GitHub

114K