CVE-2021-29939

An issue was discovered in the stackvector crate through 2021-02-19 for Rust. There is an out-of-bounds write in StackVec::extend if sizehint provides certain anomalous data...

CVE-2021-29940

An issue was discovered in the through crate through 2021-02-18 for Rust. There is a double free in through and throughand upon a panic of the map function...

CVE-2021-29940

CVE-2021-29940 affects the Rust crate and related advisories: the through/through_and code path can trigger a double free when the mapping function panics. The root cause involves duplicating ownership via ptr::read on a mutable reference, causing both the original and the duplicated object to be...

CVE-2021-29941

CVE-2021-29941 concerns the Rust crate reorder (through 2021-02-24) and stems from the function swap_index performing an out-of-bounds write when an iterator’s len() is inconsistent with the yielded elements. The issue arises because swap_index reserves capacity and sets vector length based on it...

CVE-2021-29941

An issue was discovered in the reorder crate through 2021-02-24 for Rust. swapindex has an out-of-bounds write if an iterator returns a len that is too small...

CVE-2021-29942

An issue was discovered in the reorder crate through 2021-02-24 for Rust. swapindex can return uninitialized values if an iterator returns a len that is too large...

CVE-2021-29942

CVE-2021-29942 affects the Rust reorder crate. The issue is in swap_index: if the iterator’s len() is too large, swap_index may return uninitialized values; if len() is too small, it can write out of bounds. In short, the vulnerability stems from incorrect use of iterator length hints in construc...

Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A denial of service vulnerability exists in parseduration crate for Rust 2021-03-18 and earlier versions, which can be exploited by an attacker to cause a denial of service CPU and memory consumption via a large...

Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in through crate for Rust 2021-02-18 and earlier versions, which stems from a double release in the map function. No details of the vulnerability are provided at...

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in telemetry crate for Rust 2021-02-17 and earlier versions, which stems from the loss of uninitialized memory if panics is called using misc::vecwithsize. No details of the...

Rust 缓冲区错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust that stems from the loss of uninitialized memory that sometimes occurs. No details of the vulnerability are provided at this time...

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in adtensor crate for Rust 2021-01-11 and earlier versions, which stems from the FromIterator implementation via Vector and Matrix, with some uninitialized memory loss. No details...

Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in rocket crate for Rust prior to version 0.4.7, which stems from the fact that if a user-supplied function appears to be panic, the uri::Formatter can be...

Rust 缓冲区错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in reorder crate for Rust 2021-02-24 and earlier versions, which stems from a swap index write operation that oversteps its bounds if the len returned by the iterator is to...

Rust 缓冲区错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust on 2021-02-19 and earlier versions, which stems from an out-of-bounds write in StackVec::extend that could result in an out-of-bounds write if certain exception data is...

Rust 缓冲区错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in reorder crate for Rust 2021-02-24 and earlier, which stems from the fact that swapindex may return uninitialized values if the len returned by the iterator is too large...

Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in endiantrait crate for Rust 2021-01-04 and earlier versions, which stems from an error that can occur when a user-supplied endian impl occurs panic. No detailed...

Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in arenavec crate for Rust versions 2021-01-12 and earlier, which stems from T::drop. No details of the vulnerability are provided at this time...

Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in slice-deque crate for Rust 2021-02-19 and earlier versions, which originates from SliceDeque::drainfilter.No detailed vulnerability details are available at th...

Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. Rust has a security vulnerability in version 2021-01-26 and earlier, which stems from the fact that elements may be deleted twice if the .next method is wrong. No details of the vulnerability are available at th...