Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:cargo/hivex@0.2.0
Typecargo
Namespace
Namehivex
Version0.2.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version0.2.1
Latest_non_vulnerable_version0.2.1
Affected_by_vulnerabilities
0
url VCID-5xn6-mwz6-aydc
vulnerability_id VCID-5xn6-mwz6-aydc
summary 
Hive has Double-free and Use After Free Vulnerabilities
`Drop` implementation for `Hive` did perform free, but so did `Hive::close`, which, at the end of the scope performed `Drop`, therefore triggering double-free.

Additionally, function `Hive::from_handle` was not marked as unsafe, making it, in combination with `as_handle` easy to clone and trigger double-free in safe code or triggering UB when using invalid pointer.
references
0
reference_url https://codeberg.org/1millibyte/toolsnt/commit/f4c7a0d1fc4a08ce40bb76e447a69a6f383a916e
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://codeberg.org/1millibyte/toolsnt/commit/f4c7a0d1fc4a08ce40bb76e447a69a6f383a916e
1
reference_url https://codeberg.org/1millibyte/toolsnt/issues/18
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://codeberg.org/1millibyte/toolsnt/issues/18
2
reference_url https://docs.rs/crate/hivex
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.rs/crate/hivex
3
reference_url https://docs.rs/crate/hivex/0.2.1/source
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://docs.rs/crate/hivex/0.2.1/source
4
reference_url https://rustsec.org/advisories/RUSTSEC-2026-0029.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://rustsec.org/advisories/RUSTSEC-2026-0029.html
5
reference_url https://github.com/advisories/GHSA-j8cj-hw74-64jv
reference_id GHSA-j8cj-hw74-64jv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j8cj-hw74-64jv
fixed_packages
0
url pkg:cargo/hivex@0.2.1
purl pkg:cargo/hivex@0.2.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:cargo/hivex@0.2.1
aliases GHSA-j8cj-hw74-64jv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5xn6-mwz6-aydc
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:cargo/hivex@0.2.0