CVE-2021-28305

Name
CVE-2021-28305
Description
An issue was discovered in the diesel crate before 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3_column_name are not followed.
NVD Severity
high
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Third Party Advisory https://rustsec.org/advisories/RUSTSEC-2021-0037.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:diesel_project:diesel:*:*:*:*:*:rust:*:* diesel >= None < 1.4.6

Vulnerable and fixed packages

Source package Branch Version Maintainer Status