Lucene search
K

28 matches found

OSV
OSV
added 2021/12/27 12:15 a.m.3 views

DEBIAN-CVE-2021-45710

An issue was discovered in the tokio crate before 1.8.4, and 1.9.x through 1.13.x before 1.13.1, for Rust. In certain circumstances involving a closed oneshot channel, there is a data race and memory corruption...

8.1CVSS7.8AI score0.01162EPSS
Exploits0References1
OSV
OSV
added 2021/08/25 8:47 p.m.12 views

GHSA-Q948-X8RF-888M os_str_bytes relies on undefined behavior of `char::from_u32_unchecked`

The Windows implementation of this crate relied on the behavior of std::char::fromu32unchecked when its safety clause is violated. Even though this worked with Rust versions up to 1.42 at least, that behavior could change with any new Rust version, possibly leading a security issue. The flaw was...

7.5CVSS7.5AI score0.01336EPSS
Exploits0References4
OSV
OSV
added 2021/08/25 8:43 p.m.13 views

GHSA-69FV-GW6G-8CCG Potential memory corruption in arrayfire

The attribute repr added to enums to be compatible with C-FFI caused memory corruption on MSVC toolchain. arrayfire crates = version 3.5.0 do not have this issue when used with Rust versions 1.27 or earlier. The issue only started to appear since Rust version 1.28. The issue seems to be interlink...

9.8CVSS9.6AI score0.01645EPSS
Exploits0References6
Fedora
Fedora
added 2021/08/15 1:13 a.m.47 views

[SECURITY] Fedora 34 Update: rust-versions-3.0.2-1.fc34

Library for parsing and comparing software version numbers...

3.5AI score
Exploits0
OpenVAS
OpenVAS
added 2021/08/15 12:0 a.m.8 views

Fedora: Security Advisory for rust-versions (FEDORA-2021-64e9e98eb4)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS9.8AI score0.01923EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2021/04/14 12:0 a.m.4 views

PT-2021-19197 · Rust +6 · Rust +6

Name of the Vulnerable Software and Affected Versions: Rust versions prior to 1.52.0 Description: A double free can occur in the Vec::from iter function if freeing the element panics. This issue is related to the standard library in Rust. Recommendations: For versions prior to 1.52.0, update to...

9.8CVSS6.6AI score0.0289EPSS
Exploits7References71
CNVD
CNVD
added 2021/01/06 12:0 a.m.6 views

Unspecified Vulnerability in Mozilla Rust (CNVD-2021-36330)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in sodiumoxide crate for Rust versions prior to 0.2.5, which stems from generichash::Digest::eq comparing itself and thus has degenerate security properties. No details of the...

9.8CVSS6.6AI score0.01484EPSS
Exploits0References1
OSV
OSV
added 2020/04/24 12:0 p.m.17 views

RUSTSEC-2020-0012 Relies on undefined behavior of `char::from_u32_unchecked`

The Windows implementation of this crate relied on the behavior of std::char::fromu32unchecked when its safety clause is violated. Even though this worked with Rust versions up to 1.42 at least, that behavior could change with any new Rust version, possibly leading a security issue. The flaw was...

7.5CVSS7.6AI score0.01336EPSS
Exploits0References3
Rows per page
Query Builder