Mozilla: Denial of Service via complex regular expressions

regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those tunable mitigations already provide sane defaults to preven...

Mozilla: Denial of Service via complex regular expressions

regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those tunable mitigations already provide sane defaults to preven...

Mozilla: Denial of Service via complex regular expressions

regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those tunable mitigations already provide sane defaults to preven...

Mozilla: Denial of Service via complex regular expressions

regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those tunable mitigations already provide sane defaults to preven...

CVE-2022-24713

regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those tunable mitigations already provide sane defaults to preven...

CVE-2022-24713

regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those tunable mitigations already provide sane defaults to preven...

RUSTSEC-2022-0013 Regexes with large repetitions on empty sub-expressions take a very long time to parse

The Rust Security Response WG was notified that the regex crate did not properly limit the complexity of the regular expressions regex it parses. An attacker could use this security issue to perform a denial of service, by sending a specially crafted regex to a service accepting untrusted regexes...

Trellix Global Defenders: BlackCat Ransomware as a Service - The Cat is certainly out of the bag!

Trellix Global Defenders: BlackCat Ransomware as a Service - The Cat is certainly out of the bag! By Trellix · February 8, 2022 Research Contributions and Analysis: Filippo Sitzia This story was written by Arnab Roy Threat Summary Blackcat also known as ALPHV/Noberus is a Ransomware as a Service...

SUSE SLED15 / SLES15 Security Update : rust1.55 (SUSE-SU-2022:0171-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:0171-1 advisory. - Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust...

CVE-2022-21658 Race condition in std::fs::remove_dir_all in rustlang

Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the std::fs::removedirall standard library function is vulnerable a race condition enabling symlink following CWE-363. A...

Rust vec-const crate memory corruption vulnerability

Rust vec-const crate is a program written in the Rust language with specific functionality. security vulnerabilities exist in versions of Rust vec-const crate prior to 2.0.0, which can be exploited by attackers to cause memory corruption...

CVE-2020-36514

An issue was discovered in the accreader crate through 2020-12-27 for Rust. fillbuf may read from uninitialized memory locations...

CVE-2021-45680

An issue was discovered in the vec-const crate before 2.0.0 for Rust. It tries to construct a Vec from a pointer to a const slice, leading to memory corruption...

CVE-2020-36511

An issue was discovered in the bite crate through 2020-12-31 for Rust. read::BiteReadExpandedExt::readframedmax may read from uninitialized memory locations...

CVE-2021-45683

An issue was discovered in the binjsio crate through 2021-01-03 for Rust. The Read method may read from uninitialized memory locations...

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. a security vulnerability exists in versions of Rust nanorand crate prior to 0.6.1, which stems from the fact that the same object can have multiple mutable references. No details of the vulnerability are current...

Rust 安全漏洞

Rust, a general-purpose, compiled programming language from the Mozilla Foundation, has a security vulnerability in versions prior to Rust zeroizederive crate 1.1.1, which stems from the fact that deleted memory is not set to zero. No details of the vulnerability are currently available...

Rust messagepack-rs crate安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. rust messagepack-rs crate has a security vulnerability in versions prior to 2021-01-26, which could be exploited by attackers to read data from uninitialized memory locations...

Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. security vulnerabilities exist in versions of Rust tremor-script crate prior to 0.11.6, which can lead to resource management errors. No details of the vulnerability are currently available...

Rust 安全漏洞

Rust, a general-purpose, compiled programming language from the Mozilla Foundation, has a security vulnerability in versions prior to Rust ckb crate 0.40.0 that stems from an inability to allocate memory for misbehavior HashMap. An attacker could exploit this vulnerability to cause a denial of...