CVE-2020-35885: Double free in alpm-rs

August 25, 2021

An issue was discovered in the alpm-rs crate through 2020-08-20 for Rust. StrcCtx performs improper memory deallocation.

References

github.com/BahNahNah/rust-arch/tree/master/alpm-rs
github.com/advisories/GHSA-qc4m-gc8r-mg8m
github.com/pigeonhands/rust-arch/issues/2
nvd.nist.gov/vuln/detail/CVE-2020-35885
rustsec.org/advisories/RUSTSEC-2020-0032.html

Detect and mitigate CVE-2020-35885 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →