Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
cassandra-rs non-idiomatic use of iterators leads to use after free
Vulnerability Description
cassandra-rs is a Cassandra (CQL) driver for Rust. Code that attempts to use an item (e.g., a row) returned by an iterator after the iterator has advanced to the next item will be accessing freed memory and experience undefined behaviour. The problem has been fixed in version 3.0.0.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
释放后使用
Vulnerability Title
cassandra-rs 安全漏洞
Vulnerability Description
Apache Cassandra是美国阿帕奇(Apache)基金会的一个分布式Nosql数据库。Cassandra是一个混合型的非关系的数据库,类似于Google的BigTable。其主要功能比Dynamo (分布式的Key-Value存储系统)更丰富,但支持度却不如文档存储MongoDB(介于关系数据库和非关系数据库之间的开源产品,是非关系数据库当中功能最丰富,最像关系数据库的。 cassandra-rs 3.0.0之前版本存在安全漏洞,该漏洞源于存在释放后重用漏洞。
CVSS Information
N/A
Vulnerability Type
N/A