CVE-2021-45687
CRITICAL WAF: Medium
CVSS 9.8
Published: 2021-12-27
CWE-20
An issue was discovered in the raw-cpuid crate before 9.1.1 for Rust. If the serialize feature is used (which is not the the default), a Deserialize operation may lack sufficient validation, leading to memory corruption or a panic.
WAF Coverage Analysis
Improper Input Validation
Medium WAF Coverage
OWASP: A03:2021 Injection
920xxx - Protocol Enforcement 941xxx - XSS / XXE 942xxx - SQL Injection
Affected Software
| Vendor | Product | Version |
|---|---|---|
| raw-cpuid_project | raw-cpuid | up to 9.1.1 |
References
- raw.githubusercontent.com (Third Party Advisory)
- rustsec.org (Third Party Advisory)