An issue was discovered in the failure crate through 0.1.5 for Rust. It may introduce "compatibility hazards" in some applications, and has a type confusion flaw when downcasting. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: This may overlap CVE-2019-25010
References
Link | Resource |
---|---|
https://boats.gitlab.io/blog/post/failure-to-fehler/ | Exploit Third Party Advisory |
https://github.com/rust-lang-nursery/failure/issues/336 | Patch Third Party Advisory |
https://rustsec.org/advisories/RUSTSEC-2020-0036.html | Vendor Advisory |
Configurations
History
07 Nov 2023, 03:20
Type | Values Removed | Values Added |
---|---|---|
Summary | An issue was discovered in the failure crate through 0.1.5 for Rust. It may introduce "compatibility hazards" in some applications, and has a type confusion flaw when downcasting. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. NOTE: This may overlap CVE-2019-25010 |
17 Aug 2023, 14:30
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:failure_project:failure:*:*:*:*:*:rust:*:* |
Information
Published : 2020-09-14 19:15
Updated : 2024-08-04 16:15
NVD link : CVE-2020-25575
Mitre link : CVE-2020-25575
CVE.ORG link : CVE-2020-25575
JSON object : View
Products Affected
failure_project
- failure
CWE
CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')