wundergraph
wundergraph copied to clipboard
Published
20 hours ago •
weiznich
weiznich
RUSTSEC-2020-0049: Use-after-free in Framed due to lack of pinning
Use-after-free in Framed due to lack of pinning
| Details | |
|---|---|
| Package | actix-codec |
| Version | 0.1.2 |
| URL | https://github.com/actix/actix-net/issues/91 |
| Date | 2020-01-30 |
| Patched versions | >= 0.3.0-beta.1 |
Affected versions of this crate did not require the buffer wrapped in Framed to be pinned,
but treated it as if it had a fixed location in memory. This may result in a use-after-free.
The flaw was corrected by making the affected functions accept Pin<&mut Self> instead of &mut self.
See advisory page for additional details.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}