Memory Reading Vulnerability in bumpalo Crate Allows Unauthorized Access to Cryptographic Keys

Memory Reading Vulnerability in bumpalo Crate Allows Unauthorized Access to Cryptographic Keys

CVE-2020-35861 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

An issue was discovered in the bumpalo crate before 3.2.1 for Rust. The realloc feature allows the reading of unknown memory. Attackers can potentially read cryptographic keys.

Learn more about our Web Application Penetration Testing UK.