In the standard library in Rust before 1.52.0 the Zip implementation calls __iterator_get_unchecked() more than once for the same index (under certain conditions) when next_back() and next() are used together. This bug could lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait.

...

In the standard library in Rust before 1.50.0 read_to_end() does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow.

...

In the standard library in Rust before 1.52.0 the Zip implementation has a panic safety issue. It calls __iterator_get_unchecked() more than once for the same index when the underlying iterator panics (in certain conditions). This bug could lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait.

...

In the standard library in Rust before 1.49.0 String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the same string.

...

Rust Resource Management Error Vulnerability (CNVD-2021-30582)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in endiantrait crate for Rust 2021-01-04 and earlier versions, which stems from an error that can occur when a user-supplied endian impl occurs panic. No detailed...

Rust Buffer Overflow Vulnerability (CNVD-2021-31914)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in the Rust standard library prior to version 1.2.0, which stems from the binary heap being in a failure to agree state when comparing generic elements of sift up or...

Rust Buffer Overflow Vulnerability (CNVD-2021-31913)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in the Rust standard library prior to version 1.52.0 that stems from an unmet security requirement for the TrustedRandomAccess feature, an error that could result in a memory...

Mozilla Rust Buffer Overflow Vulnerability (CNVD-2021-31912)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in the Rust standard library prior to version 1.52.0, which stems from an unmet security requirement for the TrustedRandomAccess feature, an error that could result in a...

Critical Photon OS Security Update - PHSA-2021-4.0-0012

Updates of 'nettle', 'rust' packages of Photon OS have been released...

Critical Photon OS Security Update - PHSA-2021-3.0-0223

Updates of 'nettle', 'rust' packages of Photon OS have been released...

Critical Photon OS Security Update - PHSA-2021-0223

Updates of 'nettle', 'rust' packages of Photon OS have been released...

Photon OS 3.0: Rust PHSA-2021-3.0-0223

An update of the rust package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-3.0-0223. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid148908;...

Photon OS 4.0: Rust PHSA-2021-4.0-0012

An update of the rust package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-4.0-0012. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid148910;...

Critical Photon OS Security Update - PHSA-2021-0012

Updates of 'rust', 'nettle' packages of Photon OS have been released...

CVE-2021-28879

In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again...

In the standard library in Rust before 1.52.0 a double free can occur in the Vec::from_iter function if freeing the element panics.

...

CVE-2021-28878

In the standard library in Rust before 1.52.0, the Zip implementation calls iteratorgetunchecked more than once for the same index under certain conditions when nextback and next are used together. This bug could lead to a memory safety violation due to an unmet safety requirement for the...

CVE-2021-31162

In the standard library in Rust before 1.52.0, a double free can occur in the Vec::fromiter function if freeing the element panics...

CVE-2017-20004

In the standard library in Rust before 1.19.0, there is a synchronization problem in the MutexGuard object. MutexGuards can be used across threads with any types, allowing for memory safety issues through race conditions...

CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...