CVE-2020-36318

Name
CVE-2020-36318
Description
In the standard library in Rust before 1.49.0, VecDeque::make_contiguous has a bug that pops the same element more than once under certain condition. This bug could result in a use-after-free or double free.
NVD Severity
high
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Exploit https://github.com/rust-lang/rust/issues/79808
Patch https://github.com/rust-lang/rust/pull/79814

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:rust-lang:rust:*:*:*:*:*:*:*:* rust >= 1.48.0 < 1.49.0

Vulnerable and fixed packages

Source package Branch Version Maintainer Status