Rust Path Traversal Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. Rust crate through 2020-08-18 A path traversal vulnerability exists that stems from a directory traversal situation that allows overwriting local files with .conf at the end of the filename...

Rust atom crate 竞争条件问题漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust atom crate, which stems from an insecure Send implementation that allows data contention across threads. No details of the vulnerability are provided at this time...

Rust Resource Management Error Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in bitvec crate before 0.17.4 for Rust, which stems from a BitVec to BitBox conversion resulting in use-after-free or double free...

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in sodiumoxide crate for Rust versions prior to 0.2.5, which stems from generichash::Digest::eq comparing itself and thus has degenerate security properties. No details of the...

Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in Rust libpulse-binding crate versions prior to 2.5.0, which stems from proplist::Iterator leading to use-after-free.No detailed vulnerability details are provid...

Rust Formatting String Error Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust rusqlite crate before 0.23.0, which stems from rusqlite::trace::log incorrectly handling format strings, and thus may violate memory safety...

Rust Resource Management Error Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust rusqlite crate before 0.23.0, which stems from the fact that memory security may be violated because of sessions.rs has use-after-free...

Rust Competition Condition Problem Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust rusqlite crate before 0.23.0, which stems from the fact that memory security can be violated via the Auxdata API...

Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in http crate in versions of Mozilla Rust prior to 0.1.20, which stems from HeaderMap:: The Drain API can use raw pointers to corrupt sound effects. No details of the vulnerabilit...

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in streebog crate in versions of Mozilla Rust prior to 0.8.0, which stems from a Streebog hash function that produces incorrect answers. No details of the vulnerability are provid...

Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in trust-dns-server crate in Mozilla Rust versions prior to 0.18.1, which stems from a DNS MX and SRV null target handling error that results in stack consumption...

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in versions prior to Rust magnetic crate 2.0.1 that stems from MPMCConsumer and MPMCProducer allowing cross-threaded sends of non-sending types. No details of the vulnerability ar...

Rust 缓冲区错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in Rust serdecbor crate versions prior to 0.10.2, which stems from the fact that the CBOR deserializer may cause stack consumption via nested semantic tags. No detailed...

Rust Security Vulnerabilities

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust multihash crate before 0.11.3, which stems from from slice parsing code that could cause a panic via unsanitized data from a web server...

Rust rulinalg crate 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in rulinalg crate in versions of Mozilla Rust prior to 2020-02-11, which stems from improperly defined lifecycle boundaries in RowMut::raw slice and RowMut::raw slice mut. No...

Rust Buffer Error Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in simple-slab crate before 0.3.3 for Rust, which stems from index allowing out-of-bounds reads...

Rust Security Vulnerabilities

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. bigint crate through 2020-05-07 for Rust A security vulnerability exists that allows soundness violations...

CVE-2020-35857

The CVE-2020-35857 entry applies to the trust-dns-server crate in Rust, prior to version 0.18.1. The issue arises from how MX and SRV null targets are handled, leading to stack consumption (stack overflow) when processing additional records for MX/SRV targets, potentially causing a crash and DOS....

Rust ozone crate 缓冲区错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in ozone crate in versions of Mozilla Rust prior to 2020-07-04, which stems from a memory safety violation by deleting uninitialized memory. No details of the vulnerability...

Rust Code Injection Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust hyper crate before 0.12.34, which stems from the possibility of HTTP request smuggling. In some cases, remote code can be executed using an HTTP server on a loopback...