{"vulnerability": "CVE-2019-2500", "sightings": [{"uuid": "aa14bf90-7549-4d60-a0a3-4bb3a9626f1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-25001", "type": "seen", "source": "https://t.me/cibsecurity/21461", "content": "\u203c CVE-2019-25001 \u203c\n\nAn issue was discovered in the serde_cbor crate before 0.10.2 for Rust. The CBOR deserializer can cause stack consumption via nested semantic tags.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-31T12:37:41.000000Z"}, {"uuid": "6065bab0-81f5-4903-9d86-bd92ede8dd1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-25004", "type": "seen", "source": "https://t.me/cibsecurity/21459", "content": "\u203c CVE-2019-25004 \u203c\n\nAn issue was discovered in the flatbuffers crate before 0.6.1 for Rust. Arbitrary bytes can be reinterpreted as a bool, defeating soundness.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-31T12:37:36.000000Z"}, {"uuid": "13de929a-be6b-48d8-850d-5706d871838d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-25002", "type": "seen", "source": "https://t.me/cibsecurity/21464", "content": "\u203c CVE-2019-25002 \u203c\n\nAn issue was discovered in the sodiumoxide crate before 0.2.5 for Rust. generichash::Digest::eq compares itself to itself and thus has degenerate security properties.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-31T12:37:44.000000Z"}, {"uuid": "a8033ce7-88ae-4e20-8b56-8304c435d00b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-25007", "type": "seen", "source": "https://t.me/cibsecurity/21463", "content": "\u203c CVE-2019-25007 \u203c\n\nAn issue was discovered in the streebog crate before 0.8.0 for Rust. The Streebog hash function can cause a panic.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-31T12:37:43.000000Z"}]}