9500 matches found
Information disclosure
A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to for example dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations...
CVE-2020-25016
A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to for example dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations...
CVE-2020-25016
CVE-2020-25016 affects the rgb crate for Rust, up to and including versions before 0.8.20. The vulnerability arises because RGB wrappers allow treating underlying data as bytes, enabling reading/writing of memory as raw bytes. This can lead to dereferencing arbitrary pointers or disclosure of uni...
`cell-project` used incorrect variance when projecting through `&Cell<T>`
Overview The issue lies in the implementation of the cellproject macro which used field as const instead of field as mut . The problem being that const T is covariant in T while mut T is invariant in T. Keep in mind that &Cell is invariant in T, so casting to const T relaxed the variance, and lea...
Control Flow Guard for Clang/LLVM and Rust
As part of our ongoing efforts towards safer systems programming, we’re pleased to announce that Windows Control Flow Guard CFG support is now available in the Clang C/C++ compiler and Rust. What is Control Flow Guard? CFG is a platform security technology designed to enforce control flow...
Control Flow Guard for Clang/LLVM and Rust
As part of our ongoing efforts towards safer systems programming, we’re pleased to announce that Windows Control Flow Guard CFG support is now available in the Clang C/C++ compiler and Rust. What is Control Flow Guard? What is Control Flow Guard? CFG is a platform security technology designed to...
Control Flow Guard for Clang/LLVM and Rust
As part of our ongoing efforts towards safer systems programming, we’re pleased to announce that Windows Control Flow Guard CFG support is now available in the Clang C/C++ compiler and Rust. What is Control Flow Guard? CFG is a platform security technology designed to enforce control flow...
PT-2020-5809 · Google +8 · Brotli Library +8
Name of the Vulnerable Software and Affected Versions: Brotli library versions prior to 1.0.8 Description: A buffer overflow exists in the Brotli library where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copyin...
SUSE SLED15 / SLES15 Security Update : rust, rust-cbindgen (SUSE-SU-2020:2041-1)
"This update for rust, rust-cbindgen fixes the following issues : rust was updated for use by Firefox 76ESR. Fixed miscompilations with rustc 1.43 that lead to LTO failures bsc1173202 Update to version 1.43.1 Updated openssl-src to 1.1.1g for CVE-2020-1967. Fixed the stabilization of AVX-512...
SUSE-SU-2020:2041-1 Security update for rust, rust-cbindgen
This update for rust, rust-cbindgen fixes the following issues: rust was updated for use by Firefox 76ESR. - Fixed miscompilations with rustc 1.43 that lead to LTO failures bsc1173202 Update to version 1.43.1 - Updated openssl-src to 1.1.1g for CVE-2020-1967. - Fixed the stabilization of AVX-512...
openSUSE Security Update : rust / rust-cbindgen (openSUSE-2020-933)
This update for rust, rust-cbindgen fixes the following issues : - Updated openssl-src to 1.1.1g for CVE-2020-1967. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2020-933. The text description of this...
openSUSE Security Update : rust / rust-cbindgen (openSUSE-2020-945)
This update for rust, rust-cbindgen fixes the following issues : - Updated openssl-src to 1.1.1g for CVE-2020-1967. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2020-945. The text description of this...
CoreFoundation-sys (=0.1.4), IOKit-sys (>=0.1.0 <=0.1.5) +1491 more potentially affected by unknown CVE via mach (>=0.0.3 <=0.3.2)
mach CARGO version =0.0.3, =0.1.0, =1.0.0, =1.0.3, =0.2.2, =0.2.6, =0.1.0-beta.8, =0.23.0, =0.23.0, =0.1.0, =0.1.0, =0.0.2, =0.2.0, =0.3.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2020-0168...
CVE-2020-15093
The tough library Rust/crates.io prior to version 0.7.1 does not properly verify the threshold of cryptographic signatures. It allows an attacker to duplicate a valid signature in order to circumvent TUF requiring a minimum threshold of unique signatures before the metadata is considered valid. A...
CVE-2020-15093
The tough library Rust/crates.io prior to version 0.7.1 does not properly verify the threshold of cryptographic signatures. It allows an attacker to duplicate a valid signature in order to circumvent TUF requiring a minimum threshold of unique signatures before the metadata is considered valid. A...
Information disclosure
The tough library Rust/crates.io prior to version 0.7.1 does not properly verify the threshold of cryptographic signatures. It allows an attacker to duplicate a valid signature in order to circumvent TUF requiring a minimum threshold of unique signatures before the metadata is considered valid. A...
CVE-2020-15093
The CVE-2020-15093 entry concerns the tough library (Rust/crates.io) prior to version 0.7.1, where the threshold of cryptographic signatures is not properly verified. This allows an attacker to duplicate a valid signature to bypass TUF’s minimum threshold of unique signatures before metadata is c...
openSUSE: Security Advisory for rust, (openSUSE-SU-2020:0945-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2020:0945-1 Security update for rust, rust-cbindgen
This update for rust, rust-cbindgen fixes the following issues: rust was updated for use by Firefox 76ESR. - Fixed miscompilations with rustc 1.43 that lead to LTO failures bsc1173202 Update to version 1.43.1 - Updated openssl-src to 1.1.1g for CVE-2020-1967. - Fixed the stabilization of AVX-512...
Security update for rust, rust-cbindgen (moderate)
openSUSE Security Update: Security update for rust, rust-cbindgen Announcement ID: openSUSE-SU-2020:0945-1 Rating: moderate References: 1115645 1154817 1173202 Cross-References: CVE-2020-1967 Affected Products: openSUSE Leap 15.2 An update that solves one vulnerability and has two fixes is now...