Vulnerabilities > CVE-2021-25904 - NULL Pointer Dereference vulnerability in Av-Data Project Av-Data

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

av-data-project

CWE-476

NVD

Published: 2021-01-26

Updated: 2024-11-21

Summary

An issue was discovered in the av-data crate before 0.3.0 for Rust. A raw pointer is dereferenced, leading to a read of an arbitrary memory address, sometimes causing a segfault.

Vulnerable Configurations

Part	Description	Count
Application	Av-Data_Project AV Data Project AV Data 0.1.0 AV Data Project AV Data 0.2.0 AV Data Project AV Data 0.2.1 AV Data Project AV Data 0.2.2	4

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

References

https://rustsec.org/advisories/RUSTSEC-2021-0007.html
https://rustsec.org/advisories/RUSTSEC-2021-0007.html