{
  "affected": [
    {
      "ranges": [
        {
          "database_specific": {
            "versions": [
              {
                "introduced": "1.18.0"
              },
              {
                "fixed": "1.30.0"
              }
            ]
          },
          "events": [
            {
              "introduced": "03fc9d622e0ea26a3d37f5ab030737fcca6928b9"
            },
            {
              "fixed": "da5f414c2c0bfe5198934493f04c676e2b23ff2e"
            }
          ],
          "repo": "https://github.com/rust-lang/rust",
          "type": "GIT"
        }
      ]
    }
  ],
  "details": "The Rust Programming Language Standard Library 1.18.0 and later is affected by: CWE-200: Information Exposure. The impact is: Contents of uninitialized memory could be printed to string or to log file. The component is: Debug trait implementation for std::collections::vec_deque::Iter. The attack vector is: The program needs to invoke debug printing for iterator over an empty VecDeque. The fixed version is: 1.30.0, nightly versions after commit b85e4cc8fadaabd41da5b9645c08c68b8f89908d.",
  "id": "CVE-2019-1010299",
  "modified": "2026-03-13T21:46:33.302973594Z",
  "published": "2019-07-15T18:15:11.727Z",
  "references": [
    {
      "type": "REPORT",
      "url": "https://github.com/rust-lang/rust/issues/53566"
    },
    {
      "type": "FIX",
      "url": "https://github.com/rust-lang/rust/pull/53571/commits/b85e4cc8fadaabd41da5b9645c08c68b8f89908d"
    }
  ],
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}