CVE-2021-45709

CRITICAL

crypto2 <2021-10-08 - Memory Corruption

Title source: llm
STIX 2.1

Description

An issue was discovered in the crypto2 crate through 2021-10-08 for Rust. During Chacha20 encryption and decryption, an unaligned read of a u32 may occur.

References (2)

Core 2

Scores

CVSS v3 9.8
EPSS 0.0075
EPSS Percentile 50.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (2)
crates.io/crypto2 0crates.io
crypto2_project/crypto2
Published Dec 27, 2021
Tracked Since Feb 18, 2026