
9528 matches found

Tenable Nessus
added 2024/03/21 12:0 a.m. · 12 views

Amazon Linux 2023 : cargo, clippy, rust (ALAS2023-2024-574)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-574 advisory. RUSTSEC-2024-0006 NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0006.html NOTE: https://github.com/comex/rust-shlex/security/advisories/GHSA-r7qv-8r2h-pg27 Tenable has extracted the preceding...

5.5 AI score
Exploits 0 · References 2
vulnersOsv
added 2024/03/20 12:0 p.m. · 4 views

BeerHolderBot (>=0.3.5 <=0.3.8), BiliupApi (>=0.1.0 <=0.1.7) +3722 more potentially affected by unknown CVE via yaml-rust (>=0.2.2 <=0.4.5)

yaml-rust CARGO version =0.2.2, =0.3.5, =0.1.0, =0.1.0, =0.1.0, =0.9.0, =1.0.0, =0.1.0, =0.0.9, =0.0.1, =0.0.1, =0.2.0-alpha.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2024-0320...

5.5 AI score
Exploits 0
OSV
added 2024/03/20 12:0 p.m. · 8 views

RUSTSEC-2024-0320 yaml-rust is unmaintained.

The maintainer seems unreachable. Many issues and pull requests have been submitted over the years without any response. Alternatives Consider switching to the actively maintained yaml-rust2 fork of the original project: - yaml-rust2 - yaml-rust2 @ crates.io...

7.2 AI score
Exploits 0 · References 3
Positive Technologies
added 2024/03/20 12:0 a.m. · 4 views

PT-2024-40905 · Yaml-Rust · Yaml-Rust

Name of the Vulnerable Software and Affected Versions: yaml-rust affected versions not specified Description: The maintainer of yaml-rust seems unreachable, with many issues and pull requests submitted over the years without any response. Recommendations: Consider switching to the actively...

6.9 AI score
Exploits 0 · References 4
CBLMariner
added 2024/03/19 5:21 p.m. · 7 views

CVE-2023-45853 affecting package rust for versions less than 1.75.0-1

CVE-2023-45853 affecting package rust for versions less than 1.75.0-1. A patched version of the package is available...

9.8 CVSS · 7.2 AI score · 0.02918 EPSS
Exploits 0
CBLMariner
added 2024/03/19 5:21 p.m. · 18 views

CVE-2023-45853 affecting package rust for versions less than 1.75.0-1

CVE-2023-45853 affecting package rust for versions less than 1.75.0-1. A patched version of the package is available...

9.8 CVSS · 9.8 AI score · 0.02918 EPSS
Exploits 0
CBLMariner
added 2024/03/19 5:21 p.m. · 21 views

CVE-2023-3817 affecting package rust for versions less than 1.68.2-5

CVE-2023-3817 affecting package rust for versions less than 1.68.2-5. A patched version of the package is available...

5.3 CVSS · 5.7 AI score · 0.02577 EPSS
Exploits 0
Amazon
added 2024/03/18 12:0 a.m. · 11 views

Important: rust

Issue Overview: RUSTSEC-2024-0006 NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0006.html NOTE: https://github.com/comex/rust-shlex/security/advisories/GHSA-r7qv-8r2h-pg27 Affected Packages: rust Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section f...

7.2 AI score
Exploits 0
Amazon
added 2024/03/18 12:0 a.m. · 30 views

Important: rust

Issue Overview: libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to build Git functionality into your application. Using well-crafted inputs to git_revparse_single can cause the function to enter an infinite loop, potentially...

9.8 CVSS · 9.4 AI score · 0.01546 EPSS
Exploits 0
Amazon
added 2024/03/18 12:0 a.m. · 4 views

Important: rust

Issue Overview: RUSTSEC-2024-0006 NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0006.html NOTE: https://github.com/comex/rust-shlex/security/advisories/GHSA-r7qv-8r2h-pg27 Affected Packages: rust Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section f...

7 AI score
Exploits 0
Tenable Nessus
added 2024/03/18 12:0 a.m. · 38 views

Amazon Linux 2 : rust (ALAS-2024-2496)

The version of rust installed on the remote host is prior to 1.68.2-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2496 advisory. libgit2 is a portable C implementation of the Git core methods provided as a linkable library with a solid API, allowing to...

9.8 CVSS · 8.1 AI score · 0.01546 EPSS
Exploits 0 · References 6
Tenable Nessus
added 2024/03/18 12:0 a.m. · 14 views

Amazon Linux 2 : rust (ALAS-2024-2504)

The version of rust installed on the remote host is prior to 1.68.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2504 advisory. RUSTSEC-2024-0006 NOTE: https://rustsec.org/advisories/RUSTSEC-2024-0006.html NOTE:...

5.6 AI score
Exploits 0 · References 2
OSV
added 2024/03/15 7:57 p.m. · 22 views

GHSA-2QPH-QPVM-2QF7 tls-listener affected by the slow loris vulnerability with default configuration

Summary With the default configuration of tls-listener, a malicious user can open 6.4 TcpStreams a second, sending 0 bytes, and can trigger a DoS. Details The default configuration options make any public service using TlsListener::new vulnerable to a slow-loris DoS attack. rust /// Default numbe...

7.5 CVSS · 7.4 AI score · 0.00964 EPSS
Exploits 1 · References 7
GitHub Security Blog
added 2024/03/15 7:57 p.m. · 31 views

tls-listener affected by the slow loris vulnerability with default configuration

Summary With the default configuration of tls-listener, a malicious user can open 6.4 TcpStreams a second, sending 0 bytes, and can trigger a DoS. Details The default configuration options make any public service using TlsListener::new vulnerable to a slow-loris DoS attack. rust /// Default numbe...

7.5 CVSS · 6.8 AI score · 0.00964 EPSS
Exploits 1 · References 7 · Affected Software 1
NVD
added 2024/03/15 7:15 p.m. · 22 views

CVE-2024-28854

tls-listener is a rust lang wrapper around a connection listener to support TLS. With the default configuration of tls-listener, a malicious user can open 6.4 TcpStreams a second, sending 0 bytes, and can trigger a DoS. The default configuration options make any public service using...

7.5 CVSS · 7.4 AI score · 0.00964 EPSS
Exploits 1 · References 3
CVE
added 2024/03/15 6:54 p.m. · 64 views

CVE-2024-28854

tls-listener is a Rust wrapper for a TLS connection listener. The default configuration allows a malicious actor to open multiple TCP connections per second and send zero bytes, triggering a slowloris-style DoS. The issue affects public services using tls-listener with default settings in version...

7.5 CVSS · 7.4 AI score · 0.00964 EPSS
Exploits 1 · References 3 · Affected Software 1
Vulnrichment
added 2024/03/15 6:54 p.m. · 25 views

CVE-2024-28854 Slow loris vulnerability with default configuration in tls-listener

tls-listener is a rust lang wrapper around a connection listener to support TLS. With the default configuration of tls-listener, a malicious user can open 6.4 TcpStreams a second, sending 0 bytes, and can trigger a DoS. The default configuration options make any public service using...

7.5 CVSS · 7 AI score · 0.00964 EPSS
Exploits 1 · References 3
Cvelist
added 2024/03/15 6:54 p.m. · 29 views

CVE-2024-28854 Slow loris vulnerability with default configuration in tls-listener

tls-listener is a rust lang wrapper around a connection listener to support TLS. With the default configuration of tls-listener, a malicious user can open 6.4 TcpStreams a second, sending 0 bytes, and can trigger a DoS. The default configuration options make any public service using...

7.5 CVSS · 7.6 AI score · 0.00964 EPSS
Exploits 1 · References 3
OSV
added 2024/03/15 6:54 p.m. · 34 views

CVE-2024-28854 Slow loris vulnerability with default configuration in tls-listener

tls-listener is a rust lang wrapper around a connection listener to support TLS. With the default configuration of tls-listener, a malicious user can open 6.4 TcpStreams a second, sending 0 bytes, and can trigger a DoS. The default configuration options make any public service using...

7.5 CVSS · 6.5 AI score · 0.00964 EPSS
Exploits 1 · References 5
OSV
added 2024/03/15 12:0 p.m. · 15 views

RUSTSEC-2024-0341 Slow loris vulnerability with default configuration

tls-listener is a rust lang wrapper around a connection listener to support TLS. With the default configuration of tls-listener, a malicious user can open 6.4 TcpStreams a second, sending 0 bytes, and can trigger a DoS. The default configuration options make any public service using...

7.5 CVSS · 7.3 AI score · 0.00964 EPSS
Exploits 1 · References 3