Double free

An issue was discovered in the id-map crate through 2021-02-26 for Rust. A double free can occur in IdMap::clonefrom upon a .clone panic...

CVE-2021-30454

An issue was discovered in the outercgi crate before 0.2.1 for Rust. A user-provided Read instance receives an uninitialized memory buffer from KeyValueReader...

CVE-2021-30454

The CVE-2021-30454 entry concerns the Rust crate outer_cgi (versions before 0.2.1). The root cause is that KeyValueReader passes an uninitialized memory buffer to a user-provided Read instance, enabling potential use of uninitialized data. Multiple connected sources (Red Hat, OSV/RUSTSEC, GHSA) c...

CVE-2021-30455

Summary: The CVE-2021-30455 entry concerns the Rust id-map crate (up to 2021-02-26) with a vulnerability causing a double free in IdMap::clone_from when a .clone panics. Multiple connected sources corroborate a double-free scenario during cloning, including Red Hat, OSV advisories, CNVD, and CVE ...

CVE-2021-30455

An issue was discovered in the id-map crate through 2021-02-26 for Rust. A double free can occur in IdMap::clonefrom upon a .clone panic...

CVE-2021-30457

The CVE-2021-30457 entry pertains to the Rust id-map crate, with a concrete issue: a double free that can occur in remove_set when a panic happens in a Drop implementation. This vulnerability affects id-map versions up to 2021-02-26 and is highlighted across multiple advisories (e.g., OSV and Red...

CVE-2021-30457

An issue was discovered in the id-map crate through 2021-02-26 for Rust. A double free can occur in removeset upon a panic in a Drop impl...

CVE-2021-30456

The CVE concerns the Rust id-map crate (through 2021-02-26). It describes a vulnerability where a double free can occur in get_or_insert if the user-provided f function panics. The crash arises because space is reserved for the value before invoking f; a panic can cause uninitialized or previousl...

CVE-2021-30456

An issue was discovered in the id-map crate through 2021-02-26 for Rust. A double free can occur in getorinsert upon a panic of a user-provided f function...

Android to Support Rust Programming Language to Prevent Memory Flaws

Google on Tuesday announced that its open source version of the Android operating system will add support for Rust programming language in a bid to prevent memory safety bugs. To that end, the company has been building parts of the Android Open Source Project AOSP with Rust for the past 18 months...

Android to Support Rust Programming Language to Prevent Memory Flaws

Google on Tuesday announced that its open source version of the Android operating system will add support for Rust programming language in a bid to prevent memory safety bugs. To that end, the company has been building parts of the Android Open Source Project AOSP with Rust for the past 18 months...

Mozilla Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in Rust id-map crate 2021-02-26 and earlier versions, which stems from removeset being DOUBLE FREE when an emergency occurs in Drop impl. No detailed vulnerabilit...

Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in Rust version 2021-02-26 and prior versions, which stems from the possibility of a double release in get or insert. No detailed vulnerability details are...

Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in Rust id-map crate version 2021-02-26 and prior versions, which stems from the discovery of a double release in IdMap::clonefrom. No detailed vulnerability...

Rust 缓冲区错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in Rust outercgi crate versions prior to 0.2.1, which originates when a user-supplied Read instance receives an uninitialized memory buffer from a KeyValueReader. No detail...

Rust Out-of-Bounds Write Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust on 2021-02-19 and earlier versions, which stems from an out-of-bounds write in StackVec::extend that could result in an out-of-bounds write if certain exception data is...

Rust Access Control Error Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. Rust has a security vulnerability in version 2021-01-26 and earlier, which stems from the fact that elements may be deleted twice if the .next method is wrong. No details of the vulnerability are available at th...

Rust Denial of Service Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A denial of service vulnerability exists in parseduration crate for Rust 2021-03-18 and earlier versions, which can be exploited by an attacker to cause a denial of service CPU and memory consumption via a large...

CVE-2021-29942

An issue was discovered in the reorder crate through 2021-02-24 for Rust. swapindex can return uninitialized values if an iterator returns a len that is too large...

CVE-2021-29942

An issue was discovered in the reorder crate through 2021-02-24 for Rust. swapindex can return uninitialized values if an iterator returns a len that is too large...