9532 matches found
CVE-2023-53161
The buffered-reader crate before 1.1.5 for Rust allows out-of-bounds array access and a panic...
CVE-2023-53159
The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an empty string to X509VerifyParamRef::set_host...
CVE-2023-53160
The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic...
DEBIAN-CVE-2023-53161
The buffered-reader crate before 1.1.5 for Rust allows out-of-bounds array access and a panic...
DEBIAN-CVE-2023-53159
The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an empty string to X509VerifyParamRef::set_host...
UBUNTU-CVE-2023-53160
The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic...
UBUNTU-CVE-2023-53161
The buffered-reader crate before 1.1.5 for Rust allows out-of-bounds array access and a panic...
UBUNTU-CVE-2023-53159
The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an empty string to X509VerifyParamRef::set_host...
UBUNTU-CVE-2022-50237
The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key...
CVE-2023-53158
The gix-transport crate before 0.36.1 for Rust allows command execution via the "gix clone 'ssh://-oProxyCommand=open$IFS" substring. NOTE: this was discovered before CVE-2024-32884, a similar vulnerability involving a username field that is more difficult to exploit...
GHSA-624C-2H52-GF7F Duplicate Advisory: Remotely exploitable denial of service in Rosenpass
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-6ggr-cwv4-g7qg. This link is maintained to preserve external references. Original Description: The rosenpass crate before 0.2.1 for Rust allows remote attackers to cause a denial of service panic via a one-byte U...
Duplicate Advisory: Multiple issues involving quote API in shlex
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-r7qv-8r2h-pg27. This link is maintained to preserve external references. Original Description: The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the { and \xa0 characters, which may...
Duplicate Advisory: Unauthenticated Nonce Increment in snow
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-7g9j-g5jg-3vv3. This link is maintained to preserve external references. Original Description: The snow crate before 0.9.5 for Rust, when stateful TransportState is used, allows incrementing a nonce and thereby...
GHSA-286M-6PG9-V42V Duplicate Advisory: Multiple issues involving quote API in shlex
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-r7qv-8r2h-pg27. This link is maintained to preserve external references. Original Description: The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the { and \xa0 characters, which may...
GHSA-97F8-H76H-F297 Duplicate Advisory: Unauthenticated Nonce Increment in snow
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-7g9j-g5jg-3vv3. This link is maintained to preserve external references. Original Description: The snow crate before 0.9.5 for Rust, when stateful TransportState is used, allows incrementing a nonce and thereby...
CVE-2023-53157
The rosenpass crate before 0.2.1 for Rust allows remote attackers to cause a denial of service panic via a one-byte UDP packet...