9528 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-36471
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the generator crate before 0.7.0 for Rust. It does not ensure that a function for yielding values has Send bounds. CVE-2020-36471 Not...
Linux Distros Unpatched Vulnerability : CVE-2020-36317
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the standard library in Rust before 1.49.0, String::retain function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provid...
Linux Distros Unpatched Vulnerability : CVE-2020-25016
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to for example dereferencing of arbitrary pointers or disclosure of...
Linux Distros Unpatched Vulnerability : CVE-2020-36323
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to...
Linux Distros Unpatched Vulnerability : CVE-2023-38497
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cargo downloads the Rust project's dependencies and compiles the project. Cargo prior to version 0.72.2, bundled with Rust prior to version 1.71.1, did not...
Linux Distros Unpatched Vulnerability : CVE-2022-21658
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG w...
Linux Distros Unpatched Vulnerability : CVE-2023-40030
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cargo downloads a Rust project's dependencies and compiles the project. Starting in Rust 1.60.0 and prior to 1.72, Cargo did not escape Cargo feature names when...
Linux Distros Unpatched Vulnerability : CVE-2020-25575
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the failure crate through 0.1.5 for Rust. It may introduce compatibility hazards in some applications, and has a type confusion flaw...
ISP-SDK (=0.2.3), actix-elastic (>=1.0.0 <=1.0.7) +235 more potentially affected by unknown CVE via backoff (>=0.1.6 <=0.4.0)
backoff CARGO version =0.1.6, =1.0.0, =0.4.0, =0.2.0, =0.1.0, =0.2.0, =0.5.1, =0.2.0-beta.0, =0.6.0, =0.2.0, =0.5.0 - adventure-rusoto-ecs =0.4.0 - adventure-rusoto-sns =0.4.0 - adventure-rusoto-sqs =0.4.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0012...
Linux Distros Unpatched Vulnerability : CVE-2019-25010
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the failure crate through 2019-11-13 for Rust. Type confusion can occur when __private_get_type_id__ is overridden. CVE-2019-25010 Note that...
Linux Distros Unpatched Vulnerability : CVE-2021-29922
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - library/std/src/net/parser.rs in Rust before 1.53.0 does not properly consider extraneous zero characters at the beginning of an IP address string, which in som...
Linux Distros Unpatched Vulnerability : CVE-2021-28875
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the standard library in Rust before 1.50.0, read_to_end does not validate the return value from Read in an unsafe context. This bug could lead to a buffer...
Linux Distros Unpatched Vulnerability : CVE-2020-35913
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the lock_api crate before 0.4.2 for Rust. A data race can occur because of RwLockReadGuard unsoundness. CVE-2020-35913 Note that Nessu...
Linux Distros Unpatched Vulnerability : CVE-2021-28877
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the standard library in Rust before 1.51.0, the Zip implementation calls __iterator_get_unchecked for the same index more than once when nested. This bug can lea...
Linux Distros Unpatched Vulnerability : CVE-2019-13224
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in onig_new_deluxe in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly co...
Linux Distros Unpatched Vulnerability : CVE-2020-35910
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the lock_api crate before 0.4.2 for Rust. A data race can occur because of MappedMutexGuard unsoundness. CVE-2020-35910 Note that Ness...
Linux Distros Unpatched Vulnerability : CVE-2021-28878
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the standard library in Rust before 1.52.0, the Zip implementation calls __iterator_get_unchecked more than once for the same index under certain conditions when...
Linux Distros Unpatched Vulnerability : CVE-2021-28876
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls __iterator_get_unchecked more than once for the same index...
CVE-2025-27498
aes-gcm is a pure Rust implementation of the AES-GCM. In decrypt_in_place_detached, the decrypted ciphertext which is the correct ciphertext is exposed even if the tag is incorrect. This is because in decrypt_in_place in asconcore.rs, tag verification causes an error to be returned with the plaintext...
CVE-2025-27498
The CVE-2025-27498 entry concerns a vulnerability in a pure Rust AES-GCM implementation where decrypt_in_place_detached can expose the decrypted plaintext even if the authentication tag is invalid. Root cause: in decrypt_in_place in asconcore.rs, a tag verification error is returned while the pla...