CVE-2021-45715

An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. createwindowfunction has a use-after-free...

CVE-2021-45715

rusqlite vulnerabilities (CVE-2021-45715) affect Rust crates 0.25.x before 0.25.4 and 0.26.x before 0.26.2 with use-after-free in various callback hooks. OSV/GHSA details show direct issues in create_window_function, create_scalar_function, create_aggregate_function, create_collation, and hooks s...

CVE-2021-45716

The CVE-2021-45716 issue affects the rusqlite crate for Rust, in versions 0.25.x before 0.25.4 and 0.26.x before 0.26.2, where create_collation (and related closure-handling APIs) exhibits a use-after-free condition. The OSV entries for rusqlite (GHSA variants) and related advisories confirm the ...

CVE-2021-45716

An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. createcollation has a use-after-free...

CVE-2021-45717

The CVE-2021-45717 entry corresponds to an issue in the rusqlite crate (Rust) where use-after-free vulnerabilities exist in multiple callback/hooks. Affected versions are 0.25.x before 0.25.4 and 0.26.x before 0.26.2; the problem affects functions that register or invoke callbacks, including: com...

CVE-2021-45717

An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. commithook has a use-after-free...

CVE-2021-45718

The CVE-2021-45718 entry concerns rusqlite for Rust with multiple use-after-free issues in 0.25.x before 0.25.4 and 0.26.x before 0.26.2. Affected components include rollback_hook, commit_hook, update_hook, create_scalar_function, create_aggregate_function, create_window_function, and create_coll...

CVE-2021-45718

An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. rollbackhook has a use-after-free...

CVE-2021-45719

The CVE-2021-45719 issue affects rusqlite (Rust) versions 0.25.x before 0.25.4 and 0.26.x before 0.26.2, with use-after-free in update_hook (and related closure hooks) that could compromise safety. Multiple OSV entries and advisories confirm use-after-free in several rusqlite APIs, including crea...

CVE-2021-45719

An issue was discovered in the rusqlite crate 0.25.x before 0.25.4 and 0.26.x before 0.26.2 for Rust. updatehook has a use-after-free...

CVE-2021-45720

The CVE-2021-45720 entry concerns the Rust lru crate (pre-0.7.1). The vulnerability arises in the iterators for the cache: calling operations such as pop() removes and frees a value, yet references to that value may still be accessed, causing a use-after-free. Affected component: lru crate iterat...

CVE-2021-45720

An issue was discovered in the lru crate before 0.7.1 for Rust. The iterators have a use-after-free, as demonstrated by an access after a pop operation...

CVE-2021-45686

The CVE-2021-45686 issue affects the csv-sniffer crate (Rust) and is due to preamble_skipcount reading from uninitialized memory locations. This can cause undefined behavior and memory exposure in affected builds. Multiple sources (NVD, Red Hat advisories, OSV/GHSA entries) describe the same root...

CVE-2021-45686

An issue was discovered in the csv-sniffer crate through 2021-01-05 for Rust. preambleskipcount may read from uninitialized memory locations...

Rust rusqlite crate资源管理错误漏洞

Rust rusqlite crate is an ergonomic wrapper for using SQLite from Rust. it attempts to expose a rust-postgres-like interface. versions 0.25.x prior to 0.25.4 and 0.26.x prior to 0.26.2 of Rust rusqlite crate are vulnerable to security vulnerability, which stems from a resource management error in...

Rust lru crate 资源管理错误漏洞

Mozilla Rust lru crate is an implementation of the LRU cache. a security vulnerability exists in versions of Mozilla Rust lru crate prior to 0.7.1, which can lead to a resource management error. An attacker could exploit this vulnerability to cause memory corruption...

CVE-2018-25023

An issue was discovered in the smallvec crate before 0.6.13 for Rust. It can create an uninitialized value of any type, including a reference type...

CVE-2018-25023

An issue was discovered in the smallvec crate before 0.6.13 for Rust. It can create an uninitialized value of any type, including a reference type...

Rust rust-embed crate 路径遍历漏洞

rust-embed is the embedding of static assets into rust binaries. rust-embed versions prior to 6.3.0 have security vulnerabilities that can be exploited by attackers in debug mode to cause directory traversal...

Rust rusqlite crate 资源管理错误漏洞

Rust rusqlite crate is an ergonomic wrapper for using SQLite from Rust. it attempts to expose a rust-postgres-like interface. versions 0.25.x prior to 0.25.4 and 0.26.x prior to 0.26.2 of Rust rusqlite crate are vulnerable to security vulnerability, which stems from a resource management error in...