CVE-2020-35880: Unsoundness in bigint

August 25, 2021

An issue was discovered in the bigint crate through 2020-05-07 for Rust. It allows a soundness violation.

References

github.com/advisories/GHSA-wgx2-6432-j3fw
github.com/paritytech/bigint
github.com/paritytech/bigint/commit/7e71521a61b009afc94c91135353102658550d42
github.com/rustsec/advisory-db/pull/290
nvd.nist.gov/vuln/detail/CVE-2020-35880
rustsec.org/advisories/RUSTSEC-2020-0025.html

Detect and mitigate CVE-2020-35880 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →