raw-cpuid

crates.io3 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting raw-cpuidpage 1 of 1

CVE-2021-26306HIGHCVSS 7.5EG 7.5✓ Fixed in 9.0.0
2021-01-29
An issue was discovered in the raw-cpuid crate before 9.0.0 for Rust. It has unsound transmute calls within as_string() methods.
CVE-2021-26307MEDIUMCVSS 5.5EG 5.5✓ Fixed in 9.0.0
2021-01-29
An issue was discovered in the raw-cpuid crate before 9.0.0 for Rust. It allows __cpuid_count() calls even if the processor does not support the CPUID instruction, which is unsound and causes a deterministic crash.
CVE-2021-45687CRITICALCVSS 9.8EG 9.8✓ Fixed in 9.1.1
2021-12-27
An issue was discovered in the raw-cpuid crate before 9.1.1 for Rust. If the serialize feature is used (which is not the the default), a Deserialize operation may lack sufficient validation, leading to memory corruption or a panic.

Check whether raw-cpuid is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for raw-cpuid CVEs against the assets you own.

Start Free Scan →