CVE-2020-36323

HIGH

Rust < 1.52.0 - Format String Vulnerability

Title source: rule

Description

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.

Scores

CVSS v3: 8.2
EPSS: 0.0070
EPSS Percentile: 72.2%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Details

CWE: CWE-134
Status: published
Products (4):
  fedoraproject/fedora 32
  fedoraproject/fedora 33
  fedoraproject/fedora 34
  rust-lang/rust < 1.52.0
Published: Apr 14, 2021
Tracked Since: Feb 18, 2026