Mishandling of format strings in rusqlite
Critical severity
GitHub Reviewed
Published
Aug 25, 2021
to the GitHub Advisory Database
•
Updated Jun 13, 2023
Description
Published by the National Vulnerability Database
Dec 31, 2020
Reviewed
Aug 19, 2021
Published to the GitHub Advisory Database
Aug 25, 2021
Last updated
Jun 13, 2023
An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated because rusqlite::trace::log mishandles format strings.
References