9528 matches found
CVE-2025-47736
dialect/mod.rs in the libsql-sqlite3-parser crate through 0.13.0 before 14f422a for Rust can crash if the input is not valid UTF-8...
CVE-2025-47737
lib.rs in the trailer crate through 0.1.2 for Rust mishandles allocating with a size of zero...
CVE-2025-47735
inner::drop in inner.rs in the wgp crate through 0.2.0 for Rust lacks drop_slow thread synchronization...
PT-2025-20472 · Unknown · Trailer Crate
Name of the Vulnerable Software and Affected Versions: trailer crate versions 0.1.2 and earlier
Description: The issue is related to the lib.rs file in the trailer crate for Rust, which mishandles allocating with a size of zero.
Recommendations: For trailer crate version 0.1.2 and earlier, consid...
CVE-2025-47736
The CVE-2025-47736 issue affects the libsql-sqlite3-parser crate (Rust). Specifically, the dialect/mod.rs component can crash when given input that is not valid UTF-8, affecting versions up to 0.13.0 and before the commit 14f422a. The vulnerability arises from handling non-UTF-8 input during pars...
CVE-2025-47735
CVE-2025-47735 affects the Rust wgp crate (versions 0.2.0 and earlier). The root cause is missing drop_slow thread synchronization in inner::drop (inner.rs), leading to a race condition in multithreaded contexts. Exploit details are not provided in the documents; remediation references suggest av...
CVE-2025-47737
The vulnerability CVE-2025-47737 affects the trailer crate for Rust up to version 0.1.2, where lib.rs mishandles allocations of size zero. The issue is documented across multiple sources (GHSA-6X45-R4PR-5362, Red Hat RH CVE, OSV, PT-2025-20472) and is tied to zero-size allocation handling in the ...
AZL-74894 CVE-2025-4207 affecting package rust 1.90.0-3
Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13,...
SUSE CVE-2024-58253
In the obfstr crate before 0.4.4 for Rust, the obfstr! argument type is not restricted to string slices, leading to invalid UTF-8 conversion that produces an invalid value...
python3.12-setuptools-rust bug fix and enhancement update
An update is available for python3.12-setuptools-rust. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see t...
python3.12-setuptools-rust bug fix and enhancement update
An update is available for python3.12-setuptools-rust. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see t...
rust-toolset:rhel8 bug fix and enhancement update
An update is available for rust, module.rust. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the Rocky...
asn-tools (>=0.2.2 <=0.2.5), bitslideslib (>=0.1.1 <=0.1.2) +13 more potentially affected by unknown CVE via shaman (=0.1.0)
shaman CARGO version =0.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on shaman and may be impacted: - asn-tools =0.2.2, =0.1.1, =0.2.0, =0.2.9, =0.1.0, =0.0.4, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.4 Source cves: unknown CVE Source advisory:...