Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust glsl-layout crate before 0.4.0, which stems from double deletion of maparray when panic occurs. No details of the vulnerability are provided at this time...

Rust 代码问题漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability existed in Rust prior to version 0.3.0. The vulnerability stemmed from a dereference of a raw pointer, which could be exploited by an attacker to cause an arbitrary memory address to be...

Rust 缓冲区错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability existed in Rust prior to version 0.1.1. The vulnerability stems from a lack of program soundness and may read uninitialized memory. No details of the vulnerability are provided at this...

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability existed in Rust prior to version 0.9.2. The vulnerability stems from an issue found in the program basicdspmatrix, which can perform two delete operations. No details of the vulnerabilit...

containers crate before for Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust prior to 0.9.11, which stems from double line deletion by a util::mutate,mutate2 when panic occurs. No details of the vulnerability are provided at this time...

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. a security vulnerability exists in Rust late-static crate before 0.4.0, which stems from the fact that Sync is implemented with LateStatic's T: Send, causing data contention to occur. No details of the...

Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in Rust fil-ocl crate through 2021-01-04, which stems from From leading to double free.No details of the vulnerability are available at this time...

Rust Buffer Error Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer error vulnerability exists in Rust smallvec crate before 0.6.14 and 1.x before 1.6.1, which stems from a heap-based buffer overflow in SmallVec::insert many...

Rust 缓冲区错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust lazy-init crate through 2021-01-17, which stems from a lack of send bindings in Lazy, leading to data contention. No details of the vulnerability are provided at this time...

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. Rust has a memory corruption vulnerability in versions prior to 0.2.3. The vulnerability stems from the program's implied randomness to arrays, so that uninitialized memory may be discarded in the event of an...

Rust 代码问题漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust. The vulnerability stems from the dereference of a program's raw pointer. No details of the vulnerability are available at this time...

CVE-2020-36202

The CVE-2020-36202 issue affects the async-h1 crate for Rust prior to 2.3.0. When used behind a reverse proxy, request smuggling can occur if the proxy mishandles the request body, potentially allowing a smuggled request or forged headers on a shared connection. The impact described includes risk...

CVE-2020-36203

An issue was discovered in the reffers crate through 2020-12-01 for Rust. ARefss can contain a !Send,!Sync object, leading to a data race and memory corruption...

CVE-2020-36203

The CVE-2020-36203 issue concerns the reffers crate for Rust, where ARefss can contain a !Send and/or !Sync object, enabling a data race and memory corruption. The root cause is unsafely allowing Send/Sync traits to be assumed for ARefss, permitting insertion of non-Send/Sync objects via ARefss::...

CVE-2020-36204

In the provided documents, CVE-2020-36204 concerns the Rust im crate, where TreeFocus lacks Bounds on Send/Sync, enabling a data race. The issue is described across multiple sources (NVD entry, Red Hat/SUSE advisories, CNVD, GHSA, and RustSec advisory). Affected component: im crate up to 2020-11-...

CVE-2020-36204

An issue was discovered in the im crate through 2020-11-09 for Rust. Because TreeFocus does not have bounds on its Send trait or Sync trait, a data race can occur...

CVE-2020-36205

An issue was discovered in the xcb crate through 2020-12-10 for Rust. base::Error does not have soundness. Because of the public ptr field, a use-after-free or double-free can occur...

CVE-2020-36205

The CVE-2020-36205 entry concerns the Rust xcb crate (through 2020-12-10). The flaw is in base::Error which does not maintain soundness; a public ptr field enables use-after-free or double-free scenarios. Affected component: xcb crate in Rust. Root cause: misuse of a public pointer field in base:...

CVE-2020-36205

An issue was discovered in the xcb crate through 2020-12-10 for Rust. base::Error does not have soundness. Because of the public ptr field, a use-after-free or double-free can occur...

CVE-2020-36206

CVE-2020-36206 involves the Rust crate rusb prior to 0.7.0, where the lack of Send and Sync bounds on the UsbContext can enable a data race and memory corruption. The issue is documented across multiple sources (NVD entry and related advisories) and is specifically attributed to not requiring Sen...