EUVD-2022-0474

Malicious code in bioql PyPI...

GHSA-HFXP-P695-629X abomonation transmutes &T to and from &[u8] without sufficient constraints

This transmute is at the core of the abomonation crates. It's so easy to use it to violate alignment requirements that no test in the crate's test suite passes under miri. The use of this transmute in serialization/deserialization also incorrectly assumes that the layout of a reprRust type is...

abomonation transmutes &T to and from &[u8] without sufficient constraints

This transmute is at the core of the abomonation crates. It's so easy to use it to violate alignment requirements that no test in the crate's test suite passes under miri. The use of this transmute in serialization/deserialization also incorrectly assumes that the layout of a reprRust type is...

abomonation_derive (>=0.1.0 <=0.5.0), abomonation_derive_ng (=0.1.0) +29 more potentially affected by CVE-2021-45708 via abomonation (>=0.4.6 <=0.7.3)

abomonation CARGO version =0.4.6, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.3.0, =0.1.1, =0.1.1, =0.1.1, =0.1.0, =0.0.2, =0.1.0, =0.2.0, =0.3.1 and more Source cves: CVE-2021-45708 Source advisory: OSV:GHSA-HFXP-P695-629X...

GHSA-5VWC-R48G-WJ6C Abomonation transmutes &T to and from &[u8] without sufficient constraints

An issue was discovered in the abomonation crate through version 0.7.3 for Rust. Because transmute operations are insufficiently constrained, there can be an information leak or ASLR bypass...

abomonation_derive (>=0.1.0 <=0.5.0), abomonation_derive_ng (=0.1.0) +29 more potentially affected by CVE-2021-45708 via abomonation (>=0.4.6 <=0.7.3)

abomonation CARGO version =0.4.6, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.3.0, =0.1.1, =0.1.1, =0.1.1, =0.1.0, =0.0.2, =0.1.0, =0.2.0, =0.3.1 and more Source cves: CVE-2021-45708 Source advisory: OSV:GHSA-5VWC-R48G-WJ6C...

Abomonation transmutes &T to and from &[u8] without sufficient constraints

An issue was discovered in the abomonation crate through version 0.7.3 for Rust. Because transmute operations are insufficiently constrained, there can be an information leak or ASLR bypass...

Abomonation transmutes &T to and from &[u8] without sufficient constraints

An issue was discovered in the abomonation crate through version 0.7.3 for Rust. Because transmute operations are insufficiently constrained, there can be an information leak or ASLR bypass...

CVE-2021-45708

An issue was discovered in the abomonation crate through 2021-10-17 for Rust. Because transmute operations are insufficiently constrained, there can be an information leak or ASLR bypass...

CVE-2021-45708

An issue was discovered in the abomonation crate through 2021-10-17 for Rust. Because transmute operations are insufficiently constrained, there can be an information leak or ASLR bypass...

Security feature bypass

An issue was discovered in the abomonation crate through 2021-10-17 for Rust. Because transmute operations are insufficiently constrained, there can be an information leak or ASLR bypass...

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust abomonation crate in versions prior to 2021-10-17, which could allow information leakage or ASLR bypass...

CVE-2021-45708

CVE-2021-45708 concerns the abomonation crate for Rust, where unconstrained transmute operations can leak information or bypass ASLR. The issue arises from the core use of transmute within abomonation’s serialization/deserialization paths and can affect alignment guarantees, potentially exposing ...

CVE-2021-45708

An issue was discovered in the abomonation crate through 2021-10-17 for Rust. Because transmute operations are insufficiently constrained, there can be an information leak or ASLR bypass...

abomonation_derive (>=0.1.0 <=0.5.0), abomonation_derive_ng (=0.1.0) +29 more potentially affected by CVE-2021-45708 via abomonation (>=0.4.6 <=0.7.3)

abomonation CARGO version =0.4.6, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.3.0, =0.1.1, =0.1.1, =0.1.1, =0.1.0, =0.0.2, =0.1.0, =0.2.0, =0.3.1 and more Source cves: CVE-2021-45708 Source advisory: OSV:RUSTSEC-2021-0120...

abomonation transmutes &T to and from &[u8] without sufficient constraints

This transmute is at the core of the abomonation crates. It's so easy to use it to violate alignment requirements that no test in the crate's test suite passes under miri. The use of this transmute in serialization/deserialization also incorrectly assumes that the layout of a reprRust type is...

RUSTSEC-2021-0120 abomonation transmutes &T to and from &[u8] without sufficient constraints

This transmute is at the core of the abomonation crates. It's so easy to use it to violate alignment requirements that no test in the crate's test suite passes under miri. The use of this transmute in serialization/deserialization also incorrectly assumes that the layout of a reprRust type is...