-
CVSS Score
-Basic Information
CVE ID
-
GHSA ID
-
EPSS Score
-
CWE
-
Published
-
Updated
-
KEV Status
-
Technology
-
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AIMiggo AIRoot Cause AnalysisThe vulnerability stems from hashbrown's Borsh serialization implementation for HashMap. The RustSec advisory explicitly lists hashbrown::HashMap::borsh_serialize as the affected function. The GHSA description confirms the serialization order dependency and lack of canonical encoding checks. While the deserialization path also lacked canonicity checks, the provided RustSEC data specifically identifies the serialize function as the vulnerable component. The file path is inferred from standard hashbrown crate structure, where HashMap implementations typically reside in map.rs.
RustRust| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| hashbrown | rust | >= 0.15.0, < 0.15.1 | 0.15.1 |
KEV Misses 88% of Exploited CVEs- Get the report