Lucene search
+L

61 matches found

UbuntuCve
UbuntuCve
added 2021/12/27 12:15 a.m.19 views

CVE-2018-25024

An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly coerce an immutable reference into a mutable reference, leading to memory corruption...

9.8CVSS7.2AI score0.01288EPSS
Exploits0References3
Prion
Prion
added 2021/12/27 12:15 a.m.16 views

Memory corruption

An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly coerce an immutable reference into a mutable reference, leading to memory corruption...

7.5CVSS9.3AI score0.01288EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/12/27 12:15 a.m.14 views

Memory corruption

An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly extend the lifetime of a string, leading to memory corruption...

7.5CVSS9.3AI score0.01288EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2021/12/27 12:15 a.m.15 views

Memory corruption

An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely, leading to memory corruption...

7.5CVSS9.3AI score0.01324EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2021/12/27 12:15 a.m.3 views

UBUNTU-CVE-2018-25025

An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly extend the lifetime of a string, leading to memory corruption...

9.8CVSS5.8AI score0.01288EPSS
Exploits0References4
OSV
OSV
added 2021/12/27 12:15 a.m.3 views

UBUNTU-CVE-2018-25026

An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely, leading to memory corruption...

9.8CVSS7.3AI score0.01324EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/12/27 12:0 a.m.29 views

Rust actix-web crate 缓冲区错误漏洞

Rust actix-web crate is a Rust web framework. a security vulnerability exists in versions of Rust actix-web crate prior to 0.7.15, which stems from the fact that it can unreasonably prolong the life cycle of a string, which can be exploited by an attacker to cause memory corruption...

9.8CVSS5.6AI score0.01288EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/12/27 12:0 a.m.29 views

Rust actix-web crate 缓冲区错误漏洞

Rust actix-web crate is a Rust web framework. security vulnerability exists in Mozilla Rust actix-web crate versions prior to 0.7.15, which can be exploited by attackers to cause memory corruption...

9.8CVSS5.6AI score0.01324EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/12/27 12:0 a.m.44 views

Rust actix-web crate 缓冲区错误漏洞

Rust actix-web crate is a Rust web framework. mozilla Rust actix-web crate memory corruption vulnerability can be exploited by attackers to cause memory corruption...

9.8CVSS5.6AI score0.01288EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/12/26 9:55 p.m.33 views

CVE-2018-25024

An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly coerce an immutable reference into a mutable reference, leading to memory corruption...

9.4AI score0.01288EPSS
Exploits0References2
CVE
CVE
added 2021/12/26 9:55 p.m.68 views

CVE-2018-25024

CVE-2018-25024 (actix-web) affects the actix-web crate prior to 0.7.15 (Rust). The issue allows unsoundly coercing an immutable reference into a mutable reference, causing memory corruption. Severity is high (NVD CVSS v3.1: 9.8, CRITICAL; CVSS v2: 7.5, HIGH). The provided documents do not specify...

9.8CVSS9.2AI score0.01288EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/12/26 9:55 p.m.17 views

CVE-2018-25025

An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly extend the lifetime of a string, leading to memory corruption...

9.4AI score0.01288EPSS
Exploits0References2
CVE
CVE
added 2021/12/26 9:55 p.m.70 views

CVE-2018-25025

CVE-2018-25025 affects the Rust actix-web crate before version 0.7.15, where it can unsoundly extend the lifetime of a string, leading to memory corruption. The issue is documented with high/critical impact (NVD: CVSS v2 7.5 HIGH; CVSS v3.1 9.8 CRITICAL) and is associated with a network attack su...

9.8CVSS9.2AI score0.01288EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2021/12/26 9:55 p.m.68 views

CVE-2018-25026

CVE-2018-25026 affects the Rust crate actix-web (before 0.7.15). The vulnerability allows an object that cannot be sent between threads to be marked as Send, enabling memory corruption. This is a Rust web framework issue identified in multiple sources; the core of the problem is the incorrect Sen...

9.8CVSS9.2AI score0.01324EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/12/26 9:55 p.m.26 views

CVE-2018-25026

An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely, leading to memory corruption...

9.4AI score0.01324EPSS
Exploits0References2
OSV
OSV
added 2021/12/15 10:51 p.m.29 views

GHSA-GJRJ-9RJ4-PGWX DoS Vulnerability from Upstream Actix Web Issues

Impact This vulnerability affects all users of the perseus deploy functionality who have not exported their sites to static files. If you are using the inbuilt Perseus server in production, there is a memory leak in Actix Web stemming from this upstream issue which can allow even a single user to...

7.1AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2021/12/15 10:51 p.m.20 views

DoS Vulnerability from Upstream Actix Web Issues

Impact This vulnerability affects all users of the perseus deploy functionality who have not exported their sites to static files. If you are using the inbuilt Perseus server in production, there is a memory leak in Actix Web stemming from this upstream issue which can allow even a single user to...

7.1AI score
Exploits0References3Affected Software1
vulnersOsv
vulnersOsv
added 2021/08/25 8:42 p.m.4 views

exonum (=0.9.7), kubeless (>=0.1.0 <=0.1.3) +1 more potentially affected by CVE-2018-25024 +2 more via actix-web (>=0.2.1 <=0.6.15)

actix-web CARGO version =0.2.1, =0.1.0, =0.1.3 - sockjs =0.1.0 Source cves: CVE-2018-25024, CVE-2018-25025, CVE-2018-25026 Source advisory: OSV:GHSA-W65J-G6C7-G3M4...

9.8CVSS7.2AI score0.01324EPSS
Exploits0
OSV
OSV
added 2021/08/25 8:42 p.m.10 views

GHSA-W65J-G6C7-G3M4 Multiple memory safety issues in actix-web

Affected versions contain multiple memory safety issues, such as: - Unsoundly coercing immutable references to mutable references - Unsoundly extending lifetimes of strings - Adding the Send marker trait to objects that cannot be safely sent between threads This may result in a variety of memory...

9.8CVSS7.7AI score0.01324EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2021/08/25 8:42 p.m.15 views

Multiple memory safety issues in actix-web

Affected versions contain multiple memory safety issues, such as: - Unsoundly coercing immutable references to mutable references - Unsoundly extending lifetimes of strings - Adding the Send marker trait to objects that cannot be safely sent between threads This may result in a variety of memory...

5.5AI score
Exploits0References3Affected Software1
Rows per page
Query Builder