CVE-2021-45681

CVE-2021-45681 affects the Rust crate derive-com-impl prior to 0.1.2. The issue is an invalid reference leading to memory corruption because AddRef may not be called before returning a pointer. Multiple sources (OSV/RUSTSEC/RUST) detail the same root cause and note the fix was committed (9803f31f...

CVE-2021-45681

An issue was discovered in the derive-com-impl crate before 0.1.2 for Rust. An invalid reference and memory corruption can occur because AddRef might not be called before returning a pointer...

CVE-2021-45682

The CVE-2021-45682 entry concerns the bronzedb-protocol crate for Rust, for versions through 2021-01-03. The root issue is that ReadKVExt may read from uninitialized memory locations, which can lead to undefined behavior and potential memory exposure. Public-environment advisories (OSV, Red Hat, ...

CVE-2021-45682

An issue was discovered in the bronzedb-protocol crate through 2021-01-03 for Rust. ReadKVExt may read from uninitialized memory locations...

CVE-2021-45683

The CVE-2021-45683 issue affects the Rust crate binjs_io (pre-2021-01-03). The Read method may read from uninitialized memory locations, causing memory exposure and potential undefined behavior. Public advisories (e.g., RUSTSEC-2021-0085, GHSA-CW4J-CF6C-MMFV, GHSA-C6PX-4GRW-HRJR, OSV entries) des...

CVE-2021-45683

An issue was discovered in the binjsio crate through 2021-01-03 for Rust. The Read method may read from uninitialized memory locations...

CVE-2021-45684

The CVE-2021-45684 issue affects the Rust crate flumedb, where read_entry may read from uninitialized memory locations. This can lead to memory exposure and undefined behavior in affected builds. The vulnerability is described consistently across sources (NVD, Red Hat, OSV/GHSA) as an uninitializ...

CVE-2021-45684

An issue was discovered in the flumedb crate through 2021-01-07 for Rust. readentry may read from uninitialized memory locations...

CVE-2021-45685

An issue was discovered in the columnar crate through 2021-01-07 for Rust. ColumnarReadExt::readtypedvec may read from uninitialized memory locations...

CVE-2021-45685

CVE-2021-45685 affects the Rust columnar crate (pre-2021-01-07) where ColumnarReadExt::read_typed_vec may read from uninitialized memory. This can cause memory exposure and undefined behavior when a crate passes an uninitialized buffer to a user-provided Read implementation. Multiple connected ad...

CVE-2021-45687

The CVE-2021-45687 issue affects the Rust raw-cpuid crate prior to 9.1.1. When the non-default serialize feature is enabled, Deserialize may lack sufficient validation, causing memory corruption or a panic. Versions before 9.1.1 are vulnerable; upgrading to 9.1.1 or later is the supported remedia...

CVE-2021-45687

An issue was discovered in the raw-cpuid crate before 9.1.1 for Rust. If the serialize feature is used which is not the the default, a Deserialize operation may lack sufficient validation, leading to memory corruption or a panic...

CVE-2021-45688

The CVE-2021-45688 issue affects the Rust ash crate prior to version 0.33.1. The root cause is util::read_spv reading from uninitialized memory locations, which can lead to memory exposure/undefined behavior. Several sources (e.g., OSV/GHSA and CNVD notes) confirm this vulnerability and reference...

CVE-2021-45689

An issue was discovered in the gfx-auxil crate through 2021-01-07 for Rust. gfxauxil::readspirv may read from uninitialized memory locations...

CVE-2021-45689

CVE-2021-45689 affects the Rust crate gfx-auxil . The function gfx_auxil::read_spirv may read from uninitialized memory, per the NVD entry (through 2021-01-07). Root cause is reading uninitialized memory in the read_spirv path. Impact is memory safety issues (undefined behavior) with potential pa...

CVE-2021-45690

An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserializebinary may read from uninitialized memory locations...

CVE-2021-45690

CVE-2021-45690 affects the Rust crate messagepack-rs. The issue is in deserialization: deserialize_binary (and related paths) may read from uninitialized memory locations, leading to potential undefined behavior in safe Read implementations. Documented targets include deserialize_binary, deserial...

CVE-2021-45691

CVE-2021-45691 affects the Rust crate messagepack-rs (through 2021-01-26). The issue is that deserialize_string may read from uninitialized memory locations, leading to potentially unsafe reads. According to NVD, the vulnerability has a CVSS v3.1 base score of 9.8 (CRITICAL) with network attack v...

CVE-2021-45691

An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserializestring may read from uninitialized memory locations...

CVE-2021-45692

An issue was discovered in the messagepack-rs crate through 2021-01-26 for Rust. deserializeextensionothers may read from uninitialized memory locations...