Home > Vulnerability Database > WS-2022-0151

Mend.io Vulnerability Database

WS-2022-0151

Date: June 17, 2022

All versions of gfx-auxil pass an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and also can return an incorrect number of bytes written to the buffer. Reading from uninitialized memory produces undefined values that can quickly invoke undefined behavior.

Language: RUST

Severity Score

5.5

Related Resources (2)

Url: https://github.com/advisories/GHSA-28p5-7rg4-8v99

Url: https://www.mend.io/vulnerability-database/WS-2022-0151

Severity Score

5.5

Weakness Type (CWE)

Use of Uninitialized Resource

CWE-908

CVSS v3.1

Base Score:	5.5
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	HIGH

Mend.io Vulnerability Database

We found results for “”

WS-2022-0151

Date: June 17, 2022

Language: RUST

Severity Score

Related Resources (2)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?