Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. Rust suffers from a security vulnerability that allows an attacker to bypass IP address-based access control due to an unexpected octal interpretation...

Crossbeam 竞争条件问题漏洞

Crossbeam is a tool for individual developers that applies to concurrent programming. A security vulnerability exists in crossbeam-deque, which is used to build task schedulers when programming in Rust...

UBUNTU-CVE-2021-32715

hyper is an HTTP library for rust. hyper's HTTP/1 server code had a flaw that incorrectly parses and accepts requests with a Content-Length header with a prefixed plus sign, when it should have been rejected as illegal. This combined with an upstream HTTP proxy that doesn't parse such...

Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in algorithmica crate for Rust version 2021-03-07 and earlier, which stems from a double free in merge sort::merge.No details of the vulnerability are available a...

DEBIAN-CVE-2021-31162

In the standard library in Rust before 1.52.0, a double free can occur in the Vec::fromiter function if freeing the element panics...

Rust 格式化字符串错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A format string error vulnerability exists in the standard library in versions of Rust prior to 1.52.0, which stems from the fact that if the length of a borrowed string is changed after checking it, it could...

DEBIAN-CVE-2021-28877

In the standard library in Rust before 1.51.0, the Zip implementation calls iteratorgetunchecked for the same index more than once when nested. This bug can lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait...

UBUNTU-CVE-2020-36318

In the standard library in Rust before 1.49.0, VecDeque::makecontiguous has a bug that pops the same element more than once under certain condition. This bug could result in a use-after-free or double free...

UBUNTU-CVE-2021-28879

In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again...

Rust 缓冲区错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in the Rust standard library prior to version 1.2.0, which stems from the binary heap being in a failure to agree state when comparing generic elements of sift up or...

Mozilla Rust 缓冲区错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in the Rust standard library prior to version 1.52.0, which stems from an unmet security requirement for the TrustedRandomAccess feature, an error that could result in a...

Rust 缓冲区错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in the Rust standard library prior to version 1.51.0, which stems from an unmet security requirement for the TrustedRandomAccess feature, an error that could result in a...

CVE-2021-30454

An issue was discovered in the outercgi crate before 0.2.1 for Rust. A user-provided Read instance receives an uninitialized memory buffer from KeyValueReader...

Android to Support Rust Programming Language to Prevent Memory Flaws

Google on Tuesday announced that its open source version of the Android operating system will add support for Rust programming language in a bid to prevent memory safety bugs. To that end, the company has been building parts of the Android Open Source Project AOSP with Rust for the past 18 months...

Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in Rust version 2021-02-26 and prior versions, which stems from the possibility of a double release in get or insert. No detailed vulnerability details are...

Rust 缓冲区错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in Rust outercgi crate versions prior to 0.2.1, which originates when a user-supplied Read instance receives an uninitialized memory buffer from a KeyValueReader. No detail...

DEBIAN-CVE-2021-29939

An issue was discovered in the stackvector crate through 2021-02-19 for Rust. There is an out-of-bounds write in StackVec::extend if sizehint provides certain anomalous data...

Rust 缓冲区错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust that stems from the loss of uninitialized memory that sometimes occurs. No details of the vulnerability are provided at this time...

Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A denial of service vulnerability exists in parseduration crate for Rust 2021-03-18 and earlier versions, which can be exploited by an attacker to cause a denial of service CPU and memory consumption via a large...

Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in slice-deque crate for Rust 2021-02-19 and earlier versions, which originates from SliceDeque::drainfilter.No detailed vulnerability details are available at th...