Mozilla Rust Post-Release Reuse and Double-Release Vulnerability

Rust is a systems programming language characterized by fast operation, the ability to prevent segmentation errors, and thread-safety. A reuse-after-release and double-release vulnerability exists in standard inventory in versions of Rust prior to 1.49.0. The vulnerability stems from...

Rust Buffer Overflow Vulnerability (CNVD-2021-28295)

Rust is a systems programming language characterized by fast operation, the ability to prevent segmentation errors, and thread-safety. A buffer overflow vulnerability exists in the standard stock in versions of Rust prior to 1.50.0. The vulnerability stems from readtoend not validating the return...

Rust integer overflow vulnerability (CNVD-2021-28296)

Rust is a systems programming language characterized by fast operation, the ability to prevent segmentation errors, and thread-safety. An integer overflow vulnerability exists in the Zip implementation of the standard library in versions of Rust prior to 1.52.0. An attacker can exploit this...

CVE-2021-28877

In the standard library in Rust before 1.51.0, the Zip implementation calls iteratorgetunchecked for the same index more than once when nested. This bug can lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait...

CVE-2015-20001

In the standard library in Rust before 1.2.0, BinaryHeap is not panic-safe. The binary heap is left in an inconsistent state when the comparison of generic elements inside siftup or siftdownrange panics. This bug leads to a drop of zeroed memory as an arbitrary type, which can result in a memory...

CVE-2021-28875

In the standard library in Rust before 1.50.0, readtoend does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow...

CVE-2020-36318

In the standard library in Rust before 1.49.0, VecDeque::makecontiguous has a bug that pops the same element more than once under certain condition. This bug could result in a use-after-free or double free...

CVE-2020-36317

In the standard library in Rust before 1.49.0, String::retain function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the sa...

CVE-2021-28876

In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls iteratorgetunchecked more than once for the same index when the underlying iterator panics in certain conditions. This bug could lead to a memory safety violation due to an unmet safety...

CVE-2021-28879

In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again...

CVE-2020-36317

In the standard library in Rust before 1.49.0, String::retain function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the sa...

DEBIAN-CVE-2021-28875

In the standard library in Rust before 1.50.0, readtoend does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow...

CVE-2021-28877

In the standard library in Rust before 1.51.0, the Zip implementation calls iteratorgetunchecked for the same index more than once when nested. This bug can lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait...

DEBIAN-CVE-2020-36317

In the standard library in Rust before 1.49.0, String::retain function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the sa...

DEBIAN-CVE-2021-28879

In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again...

CVE-2021-28878

In the standard library in Rust before 1.52.0, the Zip implementation calls iteratorgetunchecked more than once for the same index under certain conditions when nextback and next are used together. This bug could lead to a memory safety violation due to an unmet safety requirement for the...

DEBIAN-CVE-2021-28877

In the standard library in Rust before 1.51.0, the Zip implementation calls iteratorgetunchecked for the same index more than once when nested. This bug can lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait...

CVE-2021-28876

In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls iteratorgetunchecked more than once for the same index when the underlying iterator panics in certain conditions. This bug could lead to a memory safety violation due to an unmet safety...

DEBIAN-CVE-2021-28878

In the standard library in Rust before 1.52.0, the Zip implementation calls iteratorgetunchecked more than once for the same index under certain conditions when nextback and next are used together. This bug could lead to a memory safety violation due to an unmet safety requirement for the...

CVE-2021-28878

In the standard library in Rust before 1.52.0, the Zip implementation calls iteratorgetunchecked more than once for the same index under certain conditions when nextback and next are used together. This bug could lead to a memory safety violation due to an unmet safety requirement for the...