Design/Logic Flaw

An issue was discovered in the cookie crate before 0.7.6 for Rust. Large integers in the Max-Age of a cookie cause a panic...

Design/Logic Flaw

An issue was discovered in the protobuf crate before 2.6.0 for Rust. Attackers can exhaust all memory via Vec::reserve calls...

Memory corruption

An issue was discovered in the slice-deque crate before 0.1.16 for Rust. moveheadunchecked allows memory corruption because deque updates are mishandled...

Design/Logic Flaw

An issue was discovered in the openssl crate before 0.10.9 for Rust. A use-after-free occurs in CMS Signing...

UBUNTU-CVE-2019-15548

An issue was discovered in the ncurses crate through 5.99.0 for Rust. There are instr and mvwinstr buffer overflows because interaction with C functions is mishandled...

Design/Logic Flaw

An issue was discovered in the security-framework crate before 0.1.12 for Rust. Hostname verification for certificates does not occur if ClientBuilder uses custom root certificates...

CVE-2018-20996

An issue was discovered in the crossbeam crate before 0.4.1 for Rust. There is a double free because of destructor mishandling...

Memory corruption

An issue was discovered in the arrayfire crate before 3.6.0 for Rust. Addition of the repr attribute to an enum is mishandled, leading to memory corruption...

CVE-2018-20997

An issue was discovered in the openssl crate before 0.10.9 for Rust. A use-after-free occurs in CMS Signing...

PYSEC-2019-144

An issue was discovered in the arrayfire crate before 3.6.0 for Rust. Addition of the repr attribute to an enum is mishandled, leading to memory corruption...

PYSEC-2019-144

An issue was discovered in the arrayfire crate before 3.6.0 for Rust. Addition of the repr attribute to an enum is mishandled, leading to memory corruption...

UBUNTU-CVE-2018-20989

An issue was discovered in the untrusted crate before 0.6.2 for Rust. Error handling can trigger an integer underflow and panic...

UBUNTU-CVE-2019-15547

An issue was discovered in the ncurses crate through 5.99.0 for Rust. There are format string issues in printw functions because C format arguments are mishandled...

CVE-2017-18588

An issue was discovered in the security-framework crate before 0.1.12 for Rust. Hostname verification for certificates does not occur if ClientBuilder uses custom root certificates...

CVE-2017-18588

The CVE targets the Rust security-framework crate (before 0.1.12). When ClientBuilder uses custom root certificates, hostname verification for TLS certificates does not occur. The issue is caused by hostname validation not being performed in that scenario. A fix is available by upgrading to 0.1.1...

CVE-2017-18588

An issue was discovered in the security-framework crate before 0.1.12 for Rust. Hostname verification for certificates does not occur if ClientBuilder uses custom root certificates...

CVE-2018-20989

An issue was discovered in the untrusted crate before 0.6.2 for Rust. Error handling can trigger an integer underflow and panic...

CVE-2018-20989

CVE-2018-20989 affects the Rust crate named untrusted (pre-0.6.2). The issue is a flaw in error handling that can trigger an integer underflow and cause a panic. The vulnerability is documented across multiple sources (NVD entry, Red Hat, Debian, Ubuntu, Nessus plugin, GHSA advisory) consistently...

CVE-2018-20989

An issue was discovered in the untrusted crate before 0.6.2 for Rust. Error handling can trigger an integer underflow and panic...

CVE-2019-15549

An issue was discovered in the asn1der crate before 0.6.2 for Rust. Attackers can trigger memory exhaustion by supplying a large value in a length field...