GHSA-MP6F-P9GP-VPJ9 Array size is not checked in sized-chunks

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with pair...

Unaligned references in sized-chunks

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the InlineArray implementation, an unaligned reference may be generated for a type that has a large alignment requirement...

GHSA-FQPX-CQ8X-9WP4 Unaligned references in sized-chunks

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the InlineArray implementation, an unaligned reference may be generated for a type that has a large alignment requirement...

GHSA-WRVC-72W7-XPMJ Incorrect Comparison in sodiumoxide

An issue was discovered in the sodiumoxide crate starting with 0.2.0 and prior to 0.2.5 for Rust. generichash::Digest::eq compares itself to itself and thus has degenerate security properties...

Incorrect Comparison in sodiumoxide

An issue was discovered in the sodiumoxide crate starting with 0.2.0 and prior to 0.2.5 for Rust. generichash::Digest::eq compares itself to itself and thus has degenerate security properties...

GHSA-J2R6-2M5C-VGH5 Counter overflow in chacha20

An issue was discovered in the chacha20 crate before 0.2.3 for Rust. A ChaCha20 counter overflow makes it easier for attackers to determine plaintext...

GHSA-R43H-GMRM-H5C9 Access of Uninitialized Pointer in linked-hash-map

An issue was discovered in the linked-hash-map crate before 0.5.3 for Rust. It creates an uninitialized NonNull pointer, which violates a non-null constraint...

Access of Uninitialized Pointer in linked-hash-map

An issue was discovered in the linked-hash-map crate before 0.5.3 for Rust. It creates an uninitialized NonNull pointer, which violates a non-null constraint...

GHSA-9P9M-9XWW-QJCX Array size is not checked in sized-chunks

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with unit...

Array size is not checked in sized-chunks

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with unit...

acheron (=0.1.0), actix_web_metrics_mw (>=0.0.1 <=0.3.1) +142 more potentially affected by CVE-2020-25791 +5 more via sized-chunks (>=0.1.3 <=0.5.3)

sized-chunks CARGO version =0.1.3, =0.0.1, =0.11.0, =0.11.0, =0.2.0, =0.6.0, =0.4.0, =0.2.0, =1.6.0, =0.10.0, =0.10.0, =0.1.1, =0.33.0, =0.45.1 - cargo-authors =0.5.0 and more Source cves: CVE-2020-25791, CVE-2020-25792, CVE-2020-25793, CVE-2020-25794, CVE-2020-25795, CVE-2020-25796 Source...

GHSA-64GV-QG2V-VXV6 Array size is not checked in sized-chunks

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with From...

acheron (=0.1.0), actix_web_metrics_mw (>=0.0.1 <=0.3.1) +142 more potentially affected by CVE-2020-25791 +5 more via sized-chunks (>=0.1.3 <=0.5.3)

sized-chunks CARGO version =0.1.3, =0.0.1, =0.11.0, =0.11.0, =0.2.0, =0.6.0, =0.4.0, =0.2.0, =1.6.0, =0.10.0, =0.10.0, =0.1.1, =0.33.0, =0.45.1 - cargo-authors =0.5.0 and more Source cves: CVE-2020-25791, CVE-2020-25792, CVE-2020-25793, CVE-2020-25794, CVE-2020-25795, CVE-2020-25796 Source...

Memory exhaustion in asn1_der

An issue was discovered in the asn1der crate before 0.6.2 for Rust. Attackers can trigger memory exhaustion by supplying a large value in a length field...

GHSA-V5R6-6R3C-WQXC Memory exhaustion in asn1_der

An issue was discovered in the asn1der crate before 0.6.2 for Rust. Attackers can trigger memory exhaustion by supplying a large value in a length field...

Use after free in libflate

An issue was discovered in the libflate crate before 0.1.25 for Rust. MultiDecoder::read has a use-after-free, leading to arbitrary code execution...

GHSA-4X25-PVHW-5224 Algorithms compute incorrect results in blake2

An issue was discovered in the blake2 crate before 0.8.1 for Rust. The BLAKE2b and BLAKE2s algorithms, when used with HMAC, produce incorrect results because the block sizes are half of the required sizes...

Out of bounds write in slice-deque

Affected versions of this crate entered a corrupted state if mem::sizeof:: % allocationgranularity != 0 and a specific allocation pattern was used: sufficiently shifting the deque elements over the mirrored page boundary. This allows an attacker that controls controls both element insertion and...

GHSA-C3M3-C39Q-PV23 Out of bounds write in slice-deque

Affected versions of this crate entered a corrupted state if mem::sizeof:: % allocationgranularity != 0 and a specific allocation pattern was used: sufficiently shifting the deque elements over the mirrored page boundary. This allows an attacker that controls controls both element insertion and...

Brains (>=0.1.0 <=0.2.0), Route16 (=0.0.1) +910 more potentially affected by CVE-2019-15544 via protobuf (>=0.0.10 <=2.5.0)

protobuf CARGO version =0.0.10, =0.1.0, =0.4.0, =0.1.0, =0.1.0, =0.13.0, =0.11.0, =0.11.0, =1.1.0, =0.4.3, =0.1.0, =0.1.0, =0.1.0, =0.17.0 and more Source cves: CVE-2019-15544 Source advisory: OSV:GHSA-MH6H-F25P-98F8...