
2519 matches found

OSV
added 2022/06/17 12:13 a.m. | 12 views

GHSA-P6GJ-GPC8-F8XW Aliased mutable references from `tls_rand` & `TlsWyRand`

TlsWyRand's implementation of Deref unconditionally dereferences a raw pointer, and returns multiple mutable references to the same object, which is undefined behavior...

CVSS 9.8 | AI score 9.4 | EPSS 0.01191
Exploits: 0 | References: 3

Github Security Blog
added 2022/06/17 12:13 a.m. | 18 views

AtomicBucket<T> unconditionally implements Send/Sync

In the affected versions of the crate, AtomicBucket unconditionally implements the Send/Sync traits. Therefore, users can create a data race on the inner T: !Sync by using the AtomicBucket::data_with API. Such data races can potentially cause memory corruption or other undefined behavior. The flaw was...

AI score 4.6
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2022/06/17 12:13 a.m. | 15 views

GHSA-3HXH-7JXM-59X4 AtomicBucket<T> unconditionally implements Send/Sync

In the affected versions of the crate, AtomicBucket unconditionally implements the Send/Sync traits. Therefore, users can create a data race on the inner T: !Sync by using the AtomicBucket::data_with API. Such data races can potentially cause memory corruption or other undefined behavior. The flaw was...

CVSS 8.1 | AI score 8.1 | EPSS 0.00741
Exploits: 0 | References: 3

Github Security Blog
added 2022/06/17 12:11 a.m. | 11 views

Deserialization functions pass uninitialized memory to user-provided Read

Affected versions of this crate passed an uninitialized buffer to a user-provided Read instance in: deserialize_binary, deserialize_string, deserialize_extension_others, deserialize_string_primitive. This can result in safe Read implementations reading from the uninitialized buffer, leading to undefined...

AI score 6.9
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2022/06/17 12:11 a.m. | 17 views

GHSA-M325-RXJV-PWPH Deserialization functions pass uninitialized memory to user-provided Read

Affected versions of this crate passed an uninitialized buffer to a user-provided Read instance in: deserialize_binary, deserialize_string, deserialize_extension_others, deserialize_string_primitive. This can result in safe Read implementations reading from the uninitialized buffer, leading to undefined...

CVSS 9.8 | AI score 9.3 | EPSS 0.01372
Exploits: 0 | References: 3

Github Security Blog
added 2022/06/16 11:59 p.m. | 13 views

Reading on uninitialized buffer may cause UB ( `gfx_auxil::read_spirv()` )

Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and can also return an incorrect number of bytes written to the buffer. Reading from uninitialized memory...

AI score 6.8
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2022/06/16 11:59 p.m. | 2 views

GHSA-28P5-7RG4-8V99 Reading on uninitialized buffer may cause UB ( `gfx_auxil::read_spirv()` )

Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and can also return an incorrect number of bytes written to the buffer. Reading from uninitialized memory...

CVSS 9.8 | AI score 7.3 | EPSS 0.01191
Exploits: 0 | References: 3

Github Security Blog
added 2022/06/16 11:54 p.m. | 13 views

`Read` on uninitialized buffer may cause UB ( `read_entry()` )

Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation. There are two such cases: go_offset_log::read_entry & offset_log::read_entry. Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and can also return incorrect...

AI score 3.4
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2022/06/16 11:54 p.m. | 14 views

GHSA-P56P-GQ3F-WHG8 `Read` on uninitialized buffer may cause UB ( `read_entry()` )

Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation. There are two such cases: go_offset_log::read_entry & offset_log::read_entry. Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and can also return incorrect...

CVSS 9.8 | AI score 9.4 | EPSS 0.01191
Exploits: 0 | References: 4

OSV
added 2022/06/16 11:52 p.m. | 11 views

GHSA-MPG5-FVWP-42M2 Unsoundness in `dashmap` references

A reference returned by some methods of Ref and similar types may outlive the Ref and escape the lock. This causes undefined behavior and may result in a segfault. More information in dashmap#167 issue...

AI score 6.8
Exploits: 0 | References: 3

Github Security Blog
added 2022/06/16 11:51 p.m. | 10 views

`Read` on uninitialized memory may cause UB (fn preamble_skipcount())

Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation within fn preamble_skipcount. Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and can also return an incorrect number of bytes written to the buffer. Reading fro...

AI score 3.6
Exploits: 0 | References: 4 | Affected Software: 1

OSV
added 2022/06/16 11:51 p.m. | 16 views

GHSA-R67P-M7G9-GXW6 `Read` on uninitialized memory may cause UB (fn preamble_skipcount())

Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation within fn preamble_skipcount. Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and can also return an incorrect number of bytes written to the buffer. Reading fro...

CVSS 9.8 | AI score 9.4 | EPSS 0.01191
Exploits: 0 | References: 3

Github Security Blog
added 2022/06/16 11:51 p.m. | 14 views

Non-aligned u32 read in Chacha20 encryption and decryption

The implementation does not enforce alignment requirements on input slices while incorrectly assuming 4-byte alignment through an unsafe call to std::slice::from_raw_parts_mut, which breaks the contract and introduces undefined behavior. This affects Chacha20 encryption and decryption in crypto2...

AI score 2.1
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2022/06/16 11:51 p.m. | 6 views

GHSA-PMCV-MGCF-RVXG Non-aligned u32 read in Chacha20 encryption and decryption

The implementation does not enforce alignment requirements on input slices while incorrectly assuming 4-byte alignment through an unsafe call to std::slice::from_raw_parts_mut, which breaks the contract and introduces undefined behavior. This affects Chacha20 encryption and decryption in crypto2...

CVSS 9.8 | AI score 7.2 | EPSS 0.00753
Exploits: 0 | References: 3

OSV
added 2022/06/16 11:48 p.m. | 16 views

GHSA-CXCC-Q839-2CW9 columnar: `Read` on uninitialized buffer may cause UB (ColumnarReadExt::read_typed_vec())

Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation in ColumnarReadExt::read_typed_vec. Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and can also return an incorrect number of bytes written to the buffer. Reading...

CVSS 9.8 | AI score 9.4 | EPSS 0.01191
Exploits: 0 | References: 3

Github Security Blog
added 2022/06/16 11:46 p.m. | 8 views

InputStream::read_exact : `Read` on uninitialized buffer causes UB

Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and can also return an incorrect number of bytes written to the buffer. Reading from uninitialized memory...

AI score 6.8
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2022/06/16 11:46 p.m. | 16 views

GHSA-HMX9-JM3V-33HV InputStream::read_exact : `Read` on uninitialized buffer causes UB

Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and can also return an incorrect number of bytes written to the buffer. Reading from uninitialized memory...

CVSS 9.8 | AI score 9.4 | EPSS 0.01191
Exploits: 0 | References: 3

Github Security Blog
added 2022/06/16 11:45 p.m. | 12 views

`Read` on uninitialized buffer can cause UB (impl of `ReadKVExt`)

Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and can also return an incorrect number of bytes written to the buffer. Reading from uninitialized memory...

AI score 6.8
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2022/06/16 11:45 p.m. | 1 view

GHSA-5PHC-849H-VCXG `Read` on uninitialized buffer can cause UB (impl of `ReadKVExt`)

Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and can also return an incorrect number of bytes written to the buffer. Reading from uninitialized memory...

CVSS 9.8 | AI score 7.3 | EPSS 0.01191
Exploits: 0 | References: 3

Github Security Blog
added 2022/06/16 11:44 p.m. | 13 views

`read` on uninitialized buffer may cause UB (bite::read::BiteReadExpandedExt::read_framed_max)

Affected versions of this crate call a user-provided Read implementation on an uninitialized buffer. Read on uninitialized buffer is defined as undefined behavior in Rust...

AI score 7
Exploits: 0 | References: 3 | Affected Software: 1