CVE-2020-25573: Access of Uninitialized Pointer in linked-hash-map

August 25, 2021

An issue was discovered in the linked-hash-map crate before 0.5.3 for Rust. It creates an uninitialized NonNull pointer, which violates a non-null constraint.

References

github.com/advisories/GHSA-r43h-gmrm-h5c9
github.com/contain-rs/linked-hash-map
github.com/contain-rs/linked-hash-map/pull/100
nvd.nist.gov/vuln/detail/CVE-2020-25573
rustsec.org/advisories/RUSTSEC-2020-0026.html

Detect and mitigate CVE-2020-25573 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →