28 matches found
DEBIAN-CVE-2021-45710
An issue was discovered in the tokio crate before 1.8.4, and 1.9.x through 1.13.x before 1.13.1, for Rust. In certain circumstances involving a closed oneshot channel, there is a data race and memory corruption...
GHSA-Q948-X8RF-888M os_str_bytes relies on undefined behavior of `char::from_u32_unchecked`
The Windows implementation of this crate relied on the behavior of std::char::fromu32unchecked when its safety clause is violated. Even though this worked with Rust versions up to 1.42 at least, that behavior could change with any new Rust version, possibly leading a security issue. The flaw was...
GHSA-69FV-GW6G-8CCG Potential memory corruption in arrayfire
The attribute repr added to enums to be compatible with C-FFI caused memory corruption on MSVC toolchain. arrayfire crates = version 3.5.0 do not have this issue when used with Rust versions 1.27 or earlier. The issue only started to appear since Rust version 1.28. The issue seems to be interlink...
[SECURITY] Fedora 34 Update: rust-versions-3.0.2-1.fc34
Library for parsing and comparing software version numbers...
Fedora: Security Advisory for rust-versions (FEDORA-2021-64e9e98eb4)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
PT-2021-19197 · Rust +6 · Rust +6
Name of the Vulnerable Software and Affected Versions: Rust versions prior to 1.52.0 Description: A double free can occur in the Vec::from iter function if freeing the element panics. This issue is related to the standard library in Rust. Recommendations: For versions prior to 1.52.0, update to...
Unspecified Vulnerability in Mozilla Rust (CNVD-2021-36330)
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in sodiumoxide crate for Rust versions prior to 0.2.5, which stems from generichash::Digest::eq comparing itself and thus has degenerate security properties. No details of the...
RUSTSEC-2020-0012 Relies on undefined behavior of `char::from_u32_unchecked`
The Windows implementation of this crate relied on the behavior of std::char::fromu32unchecked when its safety clause is violated. Even though this worked with Rust versions up to 1.42 at least, that behavior could change with any new Rust version, possibly leading a security issue. The flaw was...