9526 matches found
Rust 安全漏洞
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in internment crate before 0.4.2 for Rust, which stems from an unconditional implementation of Sync that results in memory-corrupted data contention. No detailed vulnerability...
Rust 安全漏洞
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in toodee crate before 0.3.0 for Rust, which can be exploited by an attacker to read the contents of uninitialized memory locations...
Rust 安全漏洞
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in nanoarena crate before 0.5.2 for Rust, which can be exploited by attackers to cause a write out-of-bounds or use-after-free...
Rust 安全漏洞
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in truetype crate before 0.30.1 for Rust, which originates from a read operation reading the contents of an uninitialized memory location. No details of the vulnerability are...
Rust 资源管理错误漏洞
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in toodee crate before 0.3.0 for Rust, which stems from causing a double free when the iterator is panic.No details of the vulnerability are provided at this time...
Rust 缓冲区错误漏洞
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in bytestruct crate before 0.6.1 for Rust, which stems from a problem with the deserialization method that results in the loss of uninitialized memory. No details of the...
Rust 安全漏洞
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in stackdst crate before 0.6.1 for Rust, where uninitialized memory is lost during a val.clone panic. No details of the vulnerability are provided at this time...
Rust 资源管理错误漏洞
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in scratchpad crate before 1.3.1 for Rust, which stems from the move elements function being able to use double free. no details of the vulnerability are currently available...
Rust 资源管理错误漏洞
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in stackdst crate before 0.6.1 for Rust, which stems from the pushinner behavior, with double free at val.clone.No detailed vulnerability details are provided at...
Rust 数字错误漏洞
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in bam crate before 0.1.3 for Rust, which stems from an integer underflow and out-of-bounds write during loading of a bgzip block, no details of the vulnerability are provided at...
Rust 缓冲区错误漏洞
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in quinn crate before 0.7.0 for Rust, which stems from having invalid memory access to certain versions of the standard library. No details of the vulnerability are current...
fac (>=0.5.2 <=0.5.3) potentially affected by CVE-2021-28037 via internment (=0.3.13)
internment CARGO version =0.3.13 is affected by a known vulnerability. The following packages have a transitive dependency on internment and may be impacted: - fac =0.5.2, =0.5.3 Source cves: CVE-2021-28037 Source advisory: OSV:RUSTSEC-2021-0036...
PT-2021-17971 · Rust +6 · Rust +6
Name of the Vulnerable Software and Affected Versions: Rust versions prior to 1.50.0 Description: The issue arises from the read to end function in the standard library not validating the return value from Read in an unsafe context, potentially leading to a buffer overflow. Recommendations: For...
CVE-2021-27671
An issue was discovered in the comrak crate before 0.9.1 for Rust. XSS can occur because the protection mechanism for data: and javascript: URIs is case-sensitive, allowing for example Data: to be used in an attack...
CVE-2021-27671
The CVE-2021-27671 issue affects the comrak crate for Rust (pre-0.9.1). The root cause is a case-sensitive protection check for data: and javascript: URLs, allowing data: URLs to bypass the guard and enable cross-site scripting (XSS). This is described consistently across sources (NVD entry and R...
RUSTSEC-2021-0050 swap_index can write out of bounds and return uninitialized memory
swapindex takes an iterator and swaps the items with their corresponding indexes. It reserves capacity and sets the length of the vector based on the .len method of the iterator. If the len returned by the iterator is larger than the actual number of elements yielded, then swapindex creates a...
Rust Buffer Overflow Vulnerability
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in versions of Rust prior to 0.17.0 that can be exploited by an attacker to overwrite a heap memory location...
Rust Resource Management Error Vulnerability (CNVD-2021-13651)
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in versions of Rust prior to 0.3.1 that stems from insertsliceclone generating two drop actions when a Clone exception occurs. No details of the vulnerability are...
Rust Information Disclosure Vulnerability
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. An information disclosure vulnerability exists in versions of Rust prior to 0.1.3, which can be exploited to obtain sensitive information via a memory location that is never initialized by IoReader :: read...
Unspecified Vulnerability in Rust (CNVD-2021-13650)
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in versions of Rust prior to 2021-02-04, and no details of the vulnerability are available at this time...