
9526 matches found

Github Security Blog
added 2021/08/25 8:56 p.m., 11 views

Use after free in libpulse-binding

Overview Version 1.2.1 of the libpulse-binding Rust crate, released on the 15th of June 2018, fixed a pair of use-after-free issues with the objects returned by the get_format_info and get_context methods of Stream objects. These objects were mistakenly being constructed without setting an important...

AI score 2
Exploits 0, References 3, Affected Software 1
OSV
added 2021/08/25 8:56 p.m., 16 views

GHSA-GHPQ-VJXW-CH5W Use after free in libpulse-binding

Overview Version 1.2.1 of the libpulse-binding Rust crate, released on the 15th of June 2018, fixed a pair of use-after-free issues with the objects returned by the get_format_info and get_context methods of Stream objects. These objects were mistakenly being constructed without setting an important...

CVSS 7.5, AI score 7.6, EPSS 0.01328
Exploits 0, References 3
Github Security Blog
added 2021/08/25 8:56 p.m., 22 views

Unaligned memory access in rand_core

Impact Affected versions of this crate violated alignment when casting byte slices to integer slices, resulting in undefined behavior. rand_core::BlockRng::next_u64 and rand_core::BlockRng::fill_bytes are affected. Patches The flaw was corrected by Ralf Jung and Diggory Hardy for rand_core = 0.4.2...

CVSS 9.8, AI score 8.9, EPSS 0.01545
Exploits 0, References 4, Affected Software 1
OSV
added 2021/08/25 8:56 p.m., 29 views

GHSA-MMC9-PWM7-QJ5W Unaligned memory access in rand_core

Impact Affected versions of this crate violated alignment when casting byte slices to integer slices, resulting in undefined behavior. rand_core::BlockRng::next_u64 and rand_core::BlockRng::fill_bytes are affected. Patches The flaw was corrected by Ralf Jung and Diggory Hardy for rand_core = 0.4.2...

CVSS 9.8, AI score 9.3, EPSS 0.01545
Exploits 0, References 4
OSV
added 2021/08/25 8:56 p.m., 21 views

GHSA-VC2P-R46X-M3VX Argument injection in lettre

Impact Affected versions of lettre allowed argument injection to the sendmail command. It was possible, using forged "to" addresses, to pass arbitrary arguments to the sendmail executable. Depending on the implementation (original sendmail, postfix, exim, etc.) it could be possible in some cases to...

CVSS 5.3, AI score 5.5, EPSS 0.01503
Exploits 0, References 6
vulnersOsv
added 2021/08/25 8:56 p.m., 2 views

AskAI (=0.1.0), Boa (>=0.1.4 <=0.1.5) +7102 more potentially affected by CVE-2020-26235 via time (>=0.1.25 <=0.2.22)

time CARGO version =0.1.25, =0.1.4, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.1 - ablavema =0.4.2 - abra =0.0.1 and more Source cves: CVE-2020-26235 Source advisory: OSV:GHSA-WCG3-CVX6-7396...

CVSS 5.3, AI score 5.9, EPSS 0.01881
Exploits 0
Github Security Blog
added 2021/08/25 8:56 p.m., 25 views

XSS in mdBook

This is a cross-post of the official security advisory (mailing list: https://groups.google.com/g/rustlang-security-announcements/c/3-sO6of29O0). The official post contains a signed version with our PGP key, as well. The Rust Security Response Working Group was recently notified of a security issue affecti...

CVSS 8.2, AI score 6.2, EPSS 0.01254
Exploits 0, References 7, Affected Software 1
OSV
added 2021/08/25 8:56 p.m., 15 views

GHSA-GX5W-RRHP-F436 XSS in mdBook

This is a cross-post of the official security advisory (mailing list: https://groups.google.com/g/rustlang-security-announcements/c/3-sO6of29O0). The official post contains a signed version with our PGP key, as well. The Rust Security Response Working Group was recently notified of a security issue affecti...

CVSS 8.2, AI score 6.9, EPSS 0.01254
Exploits 0, References 7
OSV
added 2021/08/25 8:56 p.m., 14 views

GHSA-3358-4F7F-P4J4 Use after free in generic-array

An issue was discovered in the generic-array crate before 0.13.3 for Rust. It violates soundness by using the arr! macro to extend lifetimes...

CVSS 7.5, AI score 7.3, EPSS 0.01233
Exploits 1, References 4
Github Security Blog
added 2021/08/25 8:56 p.m., 25 views

Use after free in heapless

An issue was discovered in the heapless crate before 0.6.1 for Rust. The IntoIter Clone implementation clones an entire underlying Vec without considering whether it has already been partially consumed...

CVSS 7.5, AI score 7.3, EPSS 0.01233
Exploits 1, References 4, Affected Software 1
OSV
added 2021/08/25 8:56 p.m., 18 views

GHSA-QGWF-R2JJ-2CCV Use after free in heapless

An issue was discovered in the heapless crate before 0.6.1 for Rust. The IntoIter Clone implementation clones an entire underlying Vec without considering whether it has already been partially consumed...

CVSS 7.5, AI score 7.4, EPSS 0.01233
Exploits 1, References 4
Github Security Blog
added 2021/08/25 8:56 p.m., 38 views

Data races in model

Shared data structure in model crate implements Send and Sync traits regardless of the inner type. This allows safe Rust code to trigger a data race, which is undefined behavior in Rust. Users are advised to treat Shared as an unsafe type. It should not be used outside of the testing context, and...

CVSS 8.1, AI score 7.8, EPSS 0.01098
Exploits 1, References 4, Affected Software 1
Github Security Blog
added 2021/08/25 8:56 p.m., 26 views

Overflow in libsecp256k1

An issue was discovered in the libsecp256k1 crate before 0.5.0 for Rust. It can verify an invalid signature because it allows the R or S parameter to be larger than the curve order, aka an overflow...

CVSS 9.8, AI score 8.9, EPSS 0.00935
Exploits 1, References 4, Affected Software 1
Github Security Blog
added 2021/08/25 8:56 p.m., 26 views

Remote code execution in better-macro

An issue was discovered in the better-macro crate through 2021-07-22 for Rust. It intentionally demonstrates that remote attackers can execute arbitrary code via proc-macros, and otherwise has no legitimate purpose...

CVSS 9.8, AI score 9.5, EPSS 0.02567
Exploits 1, References 4, Affected Software 1
OSV
added 2021/08/25 8:56 p.m., 17 views

GHSA-79WF-QCQV-R22R Remote code execution in better-macro

An issue was discovered in the better-macro crate through 2021-07-22 for Rust. It intentionally demonstrates that remote attackers can execute arbitrary code via proc-macros, and otherwise has no legitimate purpose...

CVSS 9.8, AI score 9.8, EPSS 0.02567
Exploits 1, References 4
OSV
added 2021/08/25 8:55 p.m., 62 views

GHSA-5325-XW5M-PHM3 Cross-site Scripting in ammonia

An issue was discovered in the ammonia crate before 3.1.0 for Rust. XSS can occur because the parsing differences for HTML, SVG, and MathML are mishandled, a similar issue to CVE-2020-26870...

CVSS 6.1, AI score 6.1, EPSS 0.00702
Exploits 1, References 5
vulnersOsv
added 2021/08/25 8:55 p.m., 5 views

AskAI (=0.1.0), BeerHolderBot (>=0.3.2 <=0.3.8) +25091 more potentially affected by CVE-2021-38191 via tokio (>=0.3.7 <=1.5.0)

tokio CARGO version =0.3.7, =0.3.2, =0.1.0, =1.0.2, =0.1.0, =0.1.0, =1.0.0-1, =0.1.0, =1.0.0, =1.0.1, =4.3.0, =4.4.0 - NtH1M =0.2.4 and more Source cves: CVE-2021-38191 Source advisory: OSV:GHSA-2GRH-HM3W-W7HV...

CVSS 5.9, AI score 6.2, EPSS 0.00829
Exploits 1
Github Security Blog
added 2021/08/25 8:55 p.m., 32 views

Incorrect buffer size calculation in iced-x86

An issue was discovered in the iced-x86 crate through 1.10.3 for Rust. In Decoder::new, slice.get_unchecked(slice.length) is used unsafely...

CVSS 9.8, AI score 9, EPSS 0.01275
Exploits 1, References 5, Affected Software 1
vulnersOsv
added 2021/08/25 8:55 p.m., 1 view

ABC-ECS (>=0.1.0 <=0.1.2), VigilantLamp (>=0.0.1 <=0.0.3) +284 more potentially affected by CVE-2021-38187 via anymap (>=0.10.3 <=0.12.1)

anymap CARGO version =0.10.3, =0.1.0, =0.0.1, =0.1.6, =0.1.0-alpha.2, =0.8.0, =0.1.0, =5.0.0, =5.2.2, =0.0.1-alpha+3, =0.1.1, =0.1.1, =0.1.0, =0.1.1, =0.1.1, =0.1.2 and more Source cves: CVE-2021-38187 Source advisory: OSV:GHSA-HC92-9H3M-C39J...

CVSS 9.8, AI score 7.2, EPSS 0.01441
Exploits 1
Github Security Blog
added 2021/08/25 8:55 p.m., 23 views

Incorrect cast in anymap

An issue was discovered in the anymap crate through 0.12.1 for Rust. It violates soundness via conversion of a u8 to a u64...

CVSS 9.8, AI score 8.8, EPSS 0.01441
Exploits 1, References 4, Affected Software 1