{"id":"ALPINE-CVE-2019-12083","details":"The Rust Programming Language Standard Library 1.34.x before 1.34.2 contains a stabilized method which, if overridden, can violate Rust's safety guarantees and cause memory unsafety. If the `Error::type_id` method is overridden then any type can be safely cast to any other type, causing memory safety vulnerabilities in safe code (e.g., out-of-bounds write or read). Code that does not manually implement Error::type_id is unaffected.","modified":"2025-12-03T22:46:42.761024Z","published":"2019-05-13T20:29:02.913Z","upstream":["CVE-2019-12083"],"references":[{"type":"ADVISORY","url":"https://security.alpinelinux.org/vuln/CVE-2019-12083"}],"affected":[{"package":{"name":"rust","ecosystem":"Alpine:v3.19","purl":"pkg:apk/alpine/rust?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.34.2-r0"}]}],"versions":["1.10.0-r0","1.10.0-r1","1.16.0-r0","1.16.0-r1","1.16.0-r2","1.16.0-r3","1.16.0-r4","1.16.0-r5","1.17.0-r0","1.17.0-r1","1.17.0-r2","1.17.0-r3","1.18.0-r1","1.19.0-r0","1.20.0-r0","1.21.0-r0","1.21.0-r1","1.22.1-r0","1.23.0-r0","1.23.0-r1","1.24.0-r0","1.24.1-r0","1.25.0-r0","1.26.0-r0","1.26.0-r1","1.26.2-r0","1.27.0-r0","1.27.2-r0","1.28.0-r0","1.29.0-r0","1.30.0-r0","1.30.0-r1","1.31.1-r1","1.31.1-r2","1.32.0-r0","1.33.0-r0"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2019-12083.json"}},{"package":{"name":"rust","ecosystem":"Alpine:v3.20","purl":"pkg:apk/alpine/rust?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.34.2-r0"}]}],"versions":["1.10.0-r0","1.10.0-r1","1.16.0-r0","1.16.0-r1","1.16.0-r2","1.16.0-r3","1.16.0-r4","1.16.0-r5","1.17.0-r0","1.17.0-r1","1.17.0-r2","1.17.0-r3","1.18.0-r1","1.19.0-r0","1.20.0-r0","1.21.0-r0","1.21.0-r1","1.22.1-r0","1.23.0-r0","1.23.0-r1","1.24.0-r0","1.24.1-r0","1.25.0-r0","1.26.0-r0","1.26.0-r1","1.26.2-r0","1.27.0-r0","1.27.2-r0","1.28.0-r0","1.29.0-r0","1.30.0-r0","1.30.0-r1","1.31.1-r1","1.31.1-r2","1.32.0-r0","1.33.0-r0"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2019-12083.json"}},{"package":{"name":"rust","ecosystem":"Alpine:v3.21","purl":"pkg:apk/alpine/rust?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.34.2-r0"}]}],"versions":["1.10.0-r0","1.10.0-r1","1.16.0-r0","1.16.0-r1","1.16.0-r2","1.16.0-r3","1.16.0-r4","1.16.0-r5","1.17.0-r0","1.17.0-r1","1.17.0-r2","1.17.0-r3","1.18.0-r1","1.19.0-r0","1.20.0-r0","1.21.0-r0","1.21.0-r1","1.22.1-r0","1.23.0-r0","1.23.0-r1","1.24.0-r0","1.24.1-r0","1.25.0-r0","1.26.0-r0","1.26.0-r1","1.26.2-r0","1.27.0-r0","1.27.2-r0","1.28.0-r0","1.29.0-r0","1.30.0-r0","1.30.0-r1","1.31.1-r1","1.31.1-r2","1.32.0-r0","1.33.0-r0"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2019-12083.json"}},{"package":{"name":"rust","ecosystem":"Alpine:v3.22","purl":"pkg:apk/alpine/rust?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.34.2-r0"}]}],"versions":["1.10.0-r0","1.10.0-r1","1.16.0-r0","1.16.0-r1","1.16.0-r2","1.16.0-r3","1.16.0-r4","1.16.0-r5","1.17.0-r0","1.17.0-r1","1.17.0-r2","1.17.0-r3","1.18.0-r1","1.19.0-r0","1.20.0-r0","1.21.0-r0","1.21.0-r1","1.22.1-r0","1.23.0-r0","1.23.0-r1","1.24.0-r0","1.24.1-r0","1.25.0-r0","1.26.0-r0","1.26.0-r1","1.26.2-r0","1.27.0-r0","1.27.2-r0","1.28.0-r0","1.29.0-r0","1.30.0-r0","1.30.0-r1","1.31.1-r1","1.31.1-r2","1.32.0-r0","1.33.0-r0"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2019-12083.json"}},{"package":{"name":"rust","ecosystem":"Alpine:v3.23","purl":"pkg:apk/alpine/rust?arch=source"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.34.2-r0"}]}],"versions":["1.10.0-r0","1.10.0-r1","1.16.0-r0","1.16.0-r1","1.16.0-r2","1.16.0-r3","1.16.0-r4","1.16.0-r5","1.17.0-r0","1.17.0-r1","1.17.0-r2","1.17.0-r3","1.18.0-r1","1.19.0-r0","1.20.0-r0","1.21.0-r0","1.21.0-r1","1.22.1-r0","1.23.0-r0","1.23.0-r1","1.24.0-r0","1.24.1-r0","1.25.0-r0","1.26.0-r0","1.26.0-r1","1.26.2-r0","1.27.0-r0","1.27.2-r0","1.28.0-r0","1.29.0-r0","1.30.0-r0","1.30.0-r1","1.31.1-r1","1.31.1-r2","1.32.0-r0","1.33.0-r0"],"ecosystem_specific":{},"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/alpine/ALPINE-CVE-2019-12083.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}