CVE-2019-25010

An issue was discovered in the failure crate through 2019-11-13 for Rust. Type confusion can occur when privategettypeid is overridden...

Design/Logic Flaw

An issue was discovered in the tokio-rustls crate before 0.13.1 for Rust. Excessive memory usage may occur when data arrives quickly...

Design/Logic Flaw

An issue was discovered in the chacha20 crate before 0.2.3 for Rust. A ChaCha20 counter overflow makes it easier for attackers to determine plaintext...

CVE-2019-25009

An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness...

Design/Logic Flaw

An issue was discovered in the osstrbytes crate before 2.0.0 for Rust. It has false expectations about char::fromu32unchecked behavior...

Design/Logic Flaw

An issue was discovered in the flatbuffers crate through 2020-04-11 for Rust. readscalar and readscalarat can transmute values without unsafe blocks...

UBUNTU-CVE-2019-25010

An issue was discovered in the failure crate through 2019-11-13 for Rust. Type confusion can occur when privategettypeid is overridden...

Null pointer dereference

An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness...

UBUNTU-CVE-2020-35861

An issue was discovered in the bumpalo crate before 3.2.1 for Rust. The realloc feature allows the reading of unknown memory. Attackers can potentially read cryptographic keys...

CVE-2020-35927

An issue was discovered in the thex crate through 2020-12-08 for Rust. Thex allows cross-thread data races of non-Send types...

CVE-2020-35926

An issue was discovered in the nanorand crate before 0.5.1 for Rust. It caused any random number generator even ChaCha to return all zeroes because integer truncation was mishandled...

CVE-2020-35925

An issue was discovered in the magnetic crate before 2.0.1 for Rust. MPMCConsumer and MPMCProducer allow cross-thread sending of a non-Send type...

CVE-2020-35924

An issue was discovered in the try-mutex crate before 0.3.0 for Rust. TryMutex allows cross-thread sending of a non-Send type...

CVE-2020-35922

An issue was discovered in the mio crate before 0.7.6 for Rust. It has false expectations about the std::net::SocketAddr memory representation...

CVE-2020-35928

An issue was discovered in the concread crate before 0.2.6 for Rust. Attackers can cause an ARCache data race by sending types that do not implement Send/Sync...

CVE-2020-35923

An issue was discovered in the ordered-float crate before 1.1.1 and 2.x before 2.0.1 for Rust. A NotNan value can contain a NaN...

DEBIAN-CVE-2020-35920

An issue was discovered in the socket2 crate before 0.3.16 for Rust. It has false expectations about the std::net::SocketAddr memory representation...

DEBIAN-CVE-2020-35921

An issue was discovered in the miow crate before 0.3.6 for Rust. It has false expectations about the std::net::SocketAddr memory representation...

CVE-2020-35920

An issue was discovered in the socket2 crate before 0.3.16 for Rust. It has false expectations about the std::net::SocketAddr memory representation...

CVE-2020-35921

An issue was discovered in the miow crate before 0.3.6 for Rust. It has false expectations about the std::net::SocketAddr memory representation...