CVE-2020-35877
CVE-2020-35877 affects the Rust ozone crate (up to version 0.1.0) with memory-safety violations caused by out-of-bounds access. Documents consistently describe an out-of-bounds read/write risk but do not provide concrete exploit details or a stated fixed version. Remediation/fixes are not specifi...
CVE-2020-35878
An issue was discovered in the ozone crate through 2020-07-04 for Rust. Memory safety is violated because of the dropping of uninitialized memory...
CVE-2020-35878
The CVE-2020-35878 issue affects the Rust Ozone crate (up to 2020-07-04). Reported memory safety violations involve dropping uninitialized memory, with other sources noting out-of-bounds access in ozone. Public references (NVD entry, RH advisory, OSV/RUSTSEC) describe the vulnerability as memory ...
CVE-2020-35879
An issue was discovered in the rulinalg crate through 2020-02-11 for Rust. There are incorrect lifetime-boundary definitions for RowMut::raw_slice and RowMut::raw_slice_mut...
CVE-2020-35879
The CVE-2020-35879 entry concerns the rulinalg crate in Rust, where RowMut::raw_slice and RowMut::raw_slice_mut have incorrect lifetime-boundary definitions. This can allow multiple mutable references to the same location, potentially causing incorrect calculations or data races if both reference...
CVE-2020-35880
The CVE-2020-35880 entry relates to the Rust bigint crate (pre-2020-05-07). The connected advisories describe an unsoundness in bigint, i.e., a soundness violation in the implementation. Practical impact and exploit details are not provided in the supplied documents; they only state there is a so...
CVE-2020-35880
An issue was discovered in the bigint crate through 2020-05-07 for Rust. It allows a soundness violation...
CVE-2020-35881
CVE-2020-35881 affects the traitobject crate in Rust (through 2020-06-01). The issue stems from incorrect fat-pointer layout assumptions, potentially causing out-of-bounds writes and memory corruption (also described in related advisories such as GHSA-J79J-CX3H-G27H).
CVE-2020-35881
An issue was discovered in the traitobject crate through 2020-06-01 for Rust. It has false expectations about fat pointers, possibly causing memory corruption in, for example, Rust 2.x...
CVE-2020-35882
CVE-2020-35882 (rocket crate, Rust): The issue affects the rocket crate prior to 0.4.5. LocalRequest::clone reuses the inner Request pointer and creates more than one mutable reference to the same object, which can lead to a data race in certain API usage. Public sources consistently describe th...
CVE-2020-35883
CVE-2020-35883 affects the Rust crate mozwire (through 2020-08-18). A directory traversal flaw in a parameter used to form local file paths allows overwriting files ending in .conf. Root cause: improper sanitization of user-controlled path data, enabling traversal via "../" sequences. Documented ...
CVE-2020-35884
CVE-2020-35884 affects the Rust tiny_http crate (through 2020-06-16). The issue enables HTTP Request smuggling via a malformed Transfer-Encoding header, as described in the CVE entry. The vulnerability is associated with partial confidentiality and partial integrity impact (per NVD CVSS metrics)....
CVE-2020-35884
An issue was discovered in the tiny_http crate through 2020-06-16 for Rust. HTTP Request smuggling can occur via a malformed Transfer-Encoding header...
CVE-2020-35885
An issue was discovered in the alpm-rs crate through 2020-08-20 for Rust. StrcCtx performs improper memory deallocation...
CVE-2020-35885
The CVE-2020-35885 issue affects the Rust alpm-rs crate, where StrcCtx deallocates a memory region it does not own. This memory-safety flaw can lead to double-free or use-after-free conditions, as documented by associated advisories (e.g., RUSTSEC-2020-0032 and GHSA entries) and related OSV/NVD r...
CVE-2020-35886
An issue was discovered in the arr crate through 2020-08-25 for Rust. An attacker can smuggle non-Sync/Send types across a thread boundary to cause a data race...
CVE-2020-35886
The CVE-2020-35886 issue concerns the arr crate (Rust) up to 2020-08-25. It describes a data race caused by smuggling non-Sync/Send types across a thread boundary, due to incorrect Sync/Send bounds. The connected records (NVD/NVD mirrors, Red Hat OSV/GHSA advisories, OSV/GHSA entries) consistently...
CVE-2020-35887
An issue was discovered in the arr crate through 2020-08-25 for Rust. There is a buffer overflow in Index and IndexMut...
CVE-2020-35887
CVE-2020-35887 affects the Rust arr crate, with a buffer overflow in Index and IndexMut reported through 2020-08-25. The available documents identify the vulnerable code paths in arr’s Index/IndexMut implementations but do not specify affected versions, patches, or mitigations. Other sources desc...
CVE-2020-35888
An issue was discovered in the arr crate through 2020-08-25 for Rust. Uninitialized memory is dropped by Array::new_from_template...