CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

CVE-2018-25008

In the standard library in Rust before 1.29.0, there is weak synchronization in the Arc::getmut method. This synchronization issue can be lead to memory safety issues through race conditions...

CVE-2018-25008

CVE-2018-25008 affects the Rust standard library: Arc::get_mut in Rust versions before 1.29.0 has weak synchronization that can lead to memory-safety issues via race conditions. The connected documents corroborate this description across several sources. The exact affected products/versions beyon...

CVE-2018-25008

In the standard library in Rust before 1.29.0, there is weak synchronization in the Arc::getmut method. This synchronization issue can be lead to memory safety issues through race conditions...

PT-2021-19197 · Rust +6 · Rust +6

Name of the Vulnerable Software and Affected Versions: Rust versions prior to 1.52.0 Description: A double free can occur in the Vec::from iter function if freeing the element panics. This issue is related to the standard library in Rust. Recommendations: For versions prior to 1.52.0, update to...

Mozilla Rust 竞争条件问题漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A contention condition issue vulnerability exists in the standard library in versions of Rust prior to 1.19.0, which stems from a synchronization issue with MutexGuard objects that allows memory safety issues to...

Mozilla Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in the standard library in Rust prior to version 1.29.0, which stems from weak synchronization in the Arc::get mut method. This synchronization issue could lead to memory safety...

Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in the standard library in versions of Rust prior to 1.53.0, which stems from a double release that occurs in the Vec::fromiter function. No details of the...

CVE-2021-31162

CVE-2021-31162 affects the Rust standard library’s Vec::from_iter: a double free can occur if freeing the element panics in Rust versions prior to 1.52.0. Several connected advisories confirm this vulnerability and reference the same underlying issue in the Vec::from_iter path, with impact descri...

Rust 格式化字符串错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A format string error vulnerability exists in the standard library in versions of Rust prior to 1.52.0, which stems from the fact that if the length of a borrowed string is changed after checking it, it could...

CVE-2021-31162

In the standard library in Rust before 1.52.0, a double free can occur in the Vec::fromiter function if freeing the element panics...

CVE-2021-31162

In the standard library in Rust before 1.52.0, a double free can occur in the Vec::fromiter function if freeing the element panics...

CVE-2021-31162

In the standard library in Rust before 1.52.0, a double free can occur in the Vec::fromiter function if freeing the element panics...

CVE-2021-28877

In the standard library in Rust before 1.51.0, the Zip implementation calls iteratorgetunchecked for the same index more than once when nested. This bug can lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait...

CVE-2020-36318

In the standard library in Rust before 1.49.0, VecDeque::makecontiguous has a bug that pops the same element more than once under certain condition. This bug could result in a use-after-free or double free...

CVE-2021-28875

In the standard library in Rust before 1.50.0, readtoend does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow...

CVE-2021-28876

In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls iteratorgetunchecked more than once for the same index when the underlying iterator panics in certain conditions. This bug could lead to a memory safety violation due to an unmet safety...

CVE-2020-36317

In the standard library in Rust before 1.49.0, String::retain function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the sa...

Rust Resource Management Error Vulnerability (CNVD-2021-31920)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in through crate for Rust 2021-02-18 and earlier versions, which stems from a double release in the map function. No details of the vulnerability are provided at...

Rust Buffer Overflow Vulnerability (CNVD-2021-28297)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust that stems from the loss of uninitialized memory that sometimes occurs. No details of the vulnerability are provided at this time...