Rust buffer overflow vulnerability (CNVD-2021-37531)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in Rust serdecbor crate versions prior to 0.10.2, which stems from the fact that the CBOR deserializer may cause stack consumption via nested semantic tags. No detailed...

Unspecified Vulnerability in Rust (CNVD-2021-38322)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in mio crate for Rust prior to version 0.7.6, which stems from an incorrect expectation of the std::net::SocketAddr memory representation. No details of the vulnerability are...

Mozilla Rust ozone crate buffer overflow vulnerability (CNVD-2021-30433)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in ozone crate in versions of Mozilla Rust prior to 2020-07-04, which stems from a memory safety violation by deleting uninitialized memory. No details of the vulnerability...

Unspecified Vulnerability in Rust (CNVD-2021-37535)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in versions prior to Rust magnetic crate 2.0.1 that stems from MPMCConsumer and MPMCProducer allowing cross-threaded sends of non-sending types. No details of the vulnerability ar...

Rust buffer overflow vulnerability (CNVD-2021-37536)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in try-mutex crate for Rust versions prior to 0.3.0, which stems from TryMutex allowing cross-threaded sends of non-sending types. No details of the vulnerability are...

Rust Competitive Conditioning Problem Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A Competition Condition Issue vulnerability exists in Rust concread crate versions prior to 0.2.6, which can be exploited by an attacker to cause data contention in ARCache by sending a type that does not...

Mozilla Rust traitobject crate buffer overflow vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in traitobject crate in versions of Mozilla Rust prior to 2020-06-01, which stems from the fact that it incorrectly expects a fat pointer, and can be exploited by an attack...

Rust Resource Management Error Vulnerability (CNVD-2021-37532)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in Rust libpulse-binding crate versions prior to 2.5.0, which stems from proplist::Iterator leading to use-after-free.No detailed vulnerability details are provid...

Mozilla Rust Code Issue Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A code issue vulnerability exists in cbox crate in versions of Mozilla Rust prior to 2020-03-19, which stems from the CBox API allowing dereferencing of raw pointers. No details of the vulnerability are provided...

Unspecified Vulnerability in Mozilla Rust (CNVD-2021-36330)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in sodiumoxide crate for Rust versions prior to 0.2.5, which stems from generichash::Digest::eq comparing itself and thus has degenerate security properties. No details of the...

Unspecified Vulnerability in Rust (CNVD-2021-39164)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in miow crate for Rust prior to version 0.3.6, which stems from an incorrect expectation of the std::net::SocketAddr memory representation. No details of the vulnerability are...

Mozilla Rust Resource Management Error Vulnerability (CNVD-2021-30439)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in trust-dns-server crate in Mozilla Rust versions prior to 0.18.1, which stems from a DNS MX and SRV null target handling error that results in stack consumption...

Unspecified Vulnerability in Mozilla Rust (CNVD-2021-30438)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability in prost crate in Mozilla Rust versions prior to 0.6.1, which stems from stack consumption via crafted messages, can be exploited by an attacker to cause a denial of service or remote co...

Unspecified Vulnerability in Rust (CNVD-2021-39165)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in socket2 crate for Rust prior to version 0.3.16, which stems from its incorrect expectation of the std::net::SocketAddr memory representation. No details of the vulnerability ar...

Unspecified vulnerability in Mozilla Rust flatbuffers crate

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in flatbuffers crate in versions of Mozilla Rust prior to 2020-04-11, no details of the vulnerability are provided at this time...

Unspecified Vulnerability in Rust (CNVD-2021-39557)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust futures-intrusive crate versions prior to 0.4.0 that stems from GenericMutexGuard allowing unsynchronized types of cross-thread data contention. No details of the...

Mozilla Rust Buffer Overflow Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in chacha20 crate in Mozilla Rust versions prior to 0.2.3, which stems from a ChaCha20 counter overflow that can be exploited by an attacker to determine plaintext...

Unspecified Vulnerability in Mozilla Rust

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in flatbuffers crate in versions of Mozilla Rust prior to 0.6.1, which stems from the fact that an arbitrary byte can be reinterpreted as a bool.No details of the vulnerability ar...

CVE-2020-26297

CVE-2020-26297 affects mdBook, a Rust-based tool for building online books. The vulnerability is a cross-site scripting flaw in the search feature (introduced in 0.1.4) that could allow an attacker to execute arbitrary JavaScript in a user’s browser via a malicious search query or a crafted link....

cargo-errorbook (>=0.0.1 <=0.0.2), cautious-octo-funicular (>=0.1.4 <=0.1.5) +117 more potentially affected by CVE-2020-26297 via mdbook (>=0.2.3 <=0.4.22)

mdbook CARGO version =0.2.3, =0.0.1, =0.1.4, =1.0.0, =0.2.6, =1.0.0, =0.2.0, =0.1.0, =0.1.0, =0.1.2, =0.0.1, =0.1.0, =1.0.0, =0.1.0, =1.0.0 and more Source cves: CVE-2020-26297 Source advisory: OSV:RUSTSEC-2021-0001...