​
DirectorySecurity Advisories
Sign In
Security Advisories

CGA-6427-pq22-fhv9

Published

Last updated

https://images.chainguard.dev/security/CGA-6427-pq22-fhv9
Package

zed

Latest Update
Fixed
Fixed Version

0.146.3-r0

Aliases
  • CVE-2019-25009
  • GHSA-6rhx-hqxm-8p36

Severity

9.8

Critical

CVSS V3

Summary

Double free in http

Description

An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness.

References

  • https://nvd.nist.gov/vuln/detail/CVE-2019-25009
  • https://github.com/advisories/GHSA-6rhx-hqxm-8p36
  • https://rustsec.org/advisories/RUSTSEC-2019-0034.html

Updates

Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2024 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Product

Chainguard Images

Why Chainguard

Container Image SecurityVulnerability RemediationCompliance and Risk MitigationSoftware Supply Chain SecurityAI/ML Security

Customers

Customer StoriesChainguard Love

Company

About UsOpen SourceCareersNewsroomLegal

Resources

Unchained BlogResearchEventsTrust CenterDocumentation