{"id":"RUSTSEC-2020-0145","summary":"Use-after-free when cloning a partially consumed `Vec` iterator","details":"The `IntoIter` `Clone` implementation clones the whole underlying `Vec`.\nIf the iterator is partially consumed the consumed items will be copied, thus creating a use-after-free access.\n\nA proof of concept is available in the original bug report.","aliases":["CVE-2020-36464","GHSA-qgwf-r2jj-2ccv"],"modified":"2023-11-08T04:03:46.441950Z","published":"2020-11-02T12:00:00Z","database_specific":{"license":"CC0-1.0"},"references":[{"type":"PACKAGE","url":"https://crates.io/crates/heapless"},{"type":"ADVISORY","url":"https://rustsec.org/advisories/RUSTSEC-2020-0145.html"},{"type":"REPORT","url":"https://github.com/japaric/heapless/issues/181"}],"affected":[{"package":{"name":"heapless","ecosystem":"crates.io","purl":"pkg:cargo/heapless"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0-0"},{"fixed":"0.6.1"}]}],"ecosystem_specific":{"affects":{"functions":["heapless::vec::IntoIter::clone"],"os":[],"arch":[]},"affected_functions":null},"database_specific":{"source":"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2020-0145.json","categories":["memory-corruption","memory-exposure"],"informational":"unsound","cvss":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}