CVE-2018-25023 — Vulnetix

Try Vulnetix Request Demo

CVE-2018-25023 PUBLISHED

An issue was discovered in the smallvec crate before 0.6.13 for Rust. It can create an uninitialized value of any type, including a reference type.

EPSS 0.23% · 45.7th percentile

Risk Scores

EPSS Score

0.23%

45.7th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:20.04:LTS	rust-smallvec	0, 0.6.10-1, 1.1.0-1
Ubuntu:25.10	rust-smallvec	1.13.2-1, 0
Ubuntu:22.04:LTS	rust-smallvec	1.7.0-1, 0, 1.4.2-2
Ubuntu:24.04:LTS	rust-smallvec	0, 1.11.0-1, 1.11.2-1

Timeline

Sep 25, 2018 CVE Published
Dec 27, 2021 EPSS Score
Feb 18, 2022 EPSS Score
Apr 13, 2022 EPSS Score
Jun 5, 2022 EPSS Score
Jul 29, 2022 EPSS Score
Sep 21, 2022 EPSS Score
Nov 13, 2022 EPSS Score
Jan 5, 2023 EPSS Score
Feb 28, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 22, 2023 EPSS Score

References

https://ubuntu.com/security/CVE-2018-25023 third-party-advisory
https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/smallvec/RUSTSEC-2018-0018.md third-party-advisory
https://rustsec.org/advisories/RUSTSEC-2018-0018.html third-party-advisory
https://www.cve.org/CVERecord?id=CVE-2018-25023 third-party-advisory

Open in Interactive Console →