149 matches found
CVE-2020-36317
The CVE-2020-36317 issue affects the Rust standard library prior to 1.49.0, where String::retain() can panic and allow creation of a non-UTF-8 Rust string. This may cause a memory-safety violation when other APIs assume UTF-8 on the same string. Several connected advisories confirm Rust 1.49.0 or...
Mozilla Rust 输入验证错误漏洞
Rust is a systems programming language characterized by fast operation, the ability to prevent segmentation errors, and thread-safety. An integer overflow vulnerability exists in the Zip implementation of the standard library in versions of Rust prior to 1.52.0. An attacker can exploit this...
Mozilla Rust 缓冲区错误漏洞
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in the Rust standard library prior to version 1.49.0, which stems from the fact that it allows a non-UTF-8 Rust string to be created when there is a problem with the suppli...
Rust Access Control Error Vulnerability
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. Rust has a security vulnerability in version 2021-01-26 and earlier, which stems from the fact that elements may be deleted twice if the .next method is wrong. No details of the vulnerability are available at th...
Rust 资源管理错误漏洞
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. Rust has a security vulnerability in version 2021-01-26 and earlier, which stems from the fact that elements may be deleted twice if the .next method is wrong. No details of the vulnerability are available at th...
HTTP Bridge - Send TCP Stream Packets Over Simple HTTP Request
I've wrote this program as a proof of concept to test the idea of be able to send tcp stream packets over simple http request like PUT, PATCH, POST, GET, without use a proxy way like CONNECT method. Also as a practice exercise to train my novice skill on rust language. Description These tool is...
Mozilla Rust Cross-Site Scripting Vulnerability
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A cross-site scripting vulnerability exists in Rust in versions prior to comrak crate 0.9.1, which stems from the fact that the protection mechanism for data: and javascript: URIs is case-sensitive. No details o...
Rust 数字错误漏洞
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in bam crate before 0.1.3 for Rust, which stems from an integer underflow and out-of-bounds write during loading of a bgzip block, no details of the vulnerability are provided at...
CVE-2021-26953
An issue was discovered in the postscript crate before 0.14.0 for Rust. It might allow attackers to obtain sensitive information from uninitialized memory locations via a user-provided Read implementation...
Rust 安全漏洞
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in versions of Rust prior to 2021-02-04, and no details of the vulnerability are available at this time...
Rust 缓冲区错误漏洞
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in versions of Rust prior to 2021-02-04, which stems from xcb::xproto::changeproperty allowing out-of-bounds read operations. No detailed vulnerability details are provided...
Rust 安全漏洞
Rust, a general-purpose, compiled programming language from the Mozilla Foundation, is vulnerable until version 1.0.4. The vulnerability stems from the program ButtplugFutureStateShared not properly considering objects, which leads to data contention. No details of the vulnerability are currently...
Rust 代码问题漏洞
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust. The vulnerability stems from the dereference of a program's raw pointer. No details of the vulnerability are available at this time...
Rust Security Vulnerabilities
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability existed in Rust prior to version 0.9.1. The vulnerability stemmed from a lack of soundness in the program DrainFilter due to two drops...
DEBIAN-CVE-2020-35919
An issue was discovered in the net2 crate before 0.2.36 for Rust. It has false expectations about the std::net::SocketAddr memory representation...
UBUNTU-CVE-2020-35913
An issue was discovered in the lockapi crate before 0.4.2 for Rust. A data race can occur because of RwLockReadGuard unsoundness...
Rust Security Vulnerabilities
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in rusqlite crate before 0.23.0 for Rust, which stems from the ability to violate memory safety via the create module...
Rust Security Vulnerabilities
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust rusqlite crate before 0.23.0, which stems from a Memory safety violation in the repr type...
Rust Input Validation Error Vulnerability
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. An input validation error vulnerability exists in Rust http crate before 0.1.20, which stems from an integer overflow in HeaderMap::reserve, allowing an attacker to cause a denial of service...
Rust Resource Management Error Vulnerability
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in actix-service crate before 1.0.6 for Rust, where the Cell implementation allows obtaining multiple mutable references to the same data...