Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-br2s-a15r-6ffr
Summary
Channel creates zero value of any type
Affected versions of this crate called `mem::zeroed()` to create values of a user-supplied type `T`.
This is unsound e.g. if `T` is a reference type (which must be non-null).
 
The flaw was corrected by avoiding the use of `mem::zeroed()`, using `MaybeUninit` instead.
Aliases
0
alias GHSA-9g55-pg62-m8hh
Fixed_packages
0
url pkg:cargo/crossbeam-channel@0.4.3
purl pkg:cargo/crossbeam-channel@0.4.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-unmm-942j-gkh7
1
vulnerability VCID-w377-ghca-5fff
resource_url http://public2.vulnerablecode.io/packages/pkg:cargo/crossbeam-channel@0.4.3
Affected_packages
References
0
reference_url https://github.com/crossbeam-rs/crossbeam
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/crossbeam-rs/crossbeam
1
reference_url https://github.com/crossbeam-rs/crossbeam/pull/458
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/crossbeam-rs/crossbeam/pull/458
2
reference_url https://rustsec.org/advisories/RUSTSEC-2022-0019.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://rustsec.org/advisories/RUSTSEC-2022-0019.html
3
reference_url https://github.com/advisories/GHSA-9g55-pg62-m8hh
reference_id GHSA-9g55-pg62-m8hh
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9g55-pg62-m8hh
Weaknesses
Exploits
Severity_range_score7.0 - 8.9
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-br2s-a15r-6ffr