CVE-2021-45713: Use After Free in rusqlite
(updated )
An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. create_scalar_function has a use-after-free.
References
- github.com/advisories/GHSA-92cx-4xm7-jr9m
- github.com/rusqlite/rusqlite
- github.com/rusqlite/rusqlite/commit/30f8c8c502675011603c4d066396bf317fd49e71
- github.com/rusqlite/rusqlite/commit/612158507e90f41d409cd0fa80eb21c992b1bc08
- github.com/rusqlite/rusqlite/commit/934e0c709e156753881da98b32e9853f9ffe4a1b
- github.com/rusqlite/rusqlite/commit/f4f95f8caf9fd53bffd0c19530be2484c644cc16
- github.com/rusqlite/rusqlite/issues/1048
- github.com/rusqlite/rusqlite/pull/1049
- nvd.nist.gov/vuln/detail/CVE-2021-45713
- raw.githubusercontent.com/rustsec/advisory-db/main/crates/rusqlite/RUSTSEC-2021-0128.md
- rustsec.org/advisories/RUSTSEC-2021-0128.html
Detect and mitigate CVE-2021-45713 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →