Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

mercredi 25 novembre 2020

Time Crate up to 0.2.22 on Unix Environment Variable try_now_local null pointer dereference

A vulnerability, which was classified as problematic, was found in Time Crate up to 0.2.22 on Unix (Rust Package). Affected is the function time::UtcOffset::local_offset_at/time::UtcOffset::try_local_offset_at/time::UtcOffset::current_local_offset/time::UtcOffset::try_current_local_offset/time::OffsetDateTime::now_local/time::OffsetDateTime::try_now_local of the component Environment Variable Handler. Upgrading to version 0.2.23 eliminates this vulnerability. The upgrade is hosted for download at crates.io.

Lien vers l'article source

Auteur: VulDB

Catégories: VulDBNombre de vues: 128

x

Événements SSI