MAL-2026-3705 Malicious code in math-array-tools (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1b6411ce9c35210436bef6dadb284e5d89ec85c2cc17f970509aa4b5f30c2440 During installation, package exfiltrates some basic info to a GitHub issue comment, and then attempt to set up a persistent infostealer focused on exfiltrating...

EUVD-2021-1607

Malware in sbrugna...

CVE-2020-36452

An issue was discovered in the array-tools crate before 0.3.2 for Rust. FixedCapacityDequeLike::clone has a drop of uninitialized memory...

CVE-2022-29085

Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text password storage vulnerability when certain off-array tools are run on the system. The credentials of a user with high privileges are stored in plain text. A local malicious user with high privileges...

Default credentials

Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text password storage vulnerability when certain off-array tools are run on the system. The credentials of a user with high privileges are stored in plain text. A local malicious user with high privileges...

CVE-2022-29085

CVE-2022-29085 affects Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173. The issue is a plain-text password storage vulnerability in which credentials of a high-privilege user are stored in plain text when certain off-array tools run on the system. A local high-privile...

CVE-2022-29085

Dell Unity, Dell UnityVSA, and Dell Unity XT versions prior to 5.2.0.0.5.173 contain a plain-text password storage vulnerability when certain off-array tools are run on the system. The credentials of a user with high privileges are stored in plain text. A local malicious user with high privileges...

Mozilla Rust Memory Corruption Vulnerability (CNVD-2021-78747)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation.A memory corruption vulnerability exists in versions of Mozilla Rust prior to 0.3.2, which stems from Rust's array-tools crate. for fixedcapacitydequelikes:: clone has an uninitialized memory. An attacker could...

GHSA-6WP2-FW3V-MFMC Memory corruption in array-tools

An issue was discovered in the array-tools crate before 0.3.2 for Rust. Affected versions of this crate don't guard against panics, so that partially uninitialized buffer is dropped when user-provided T::clone panics in FixedCapacityDequeLike::clone. This causes memory corruption...

Memory corruption in array-tools

An issue was discovered in the array-tools crate before 0.3.2 for Rust. Affected versions of this crate don't guard against panics, so that partially uninitialized buffer is dropped when user-provided T::clone panics in FixedCapacityDequeLike::clone. This causes memory corruption...

CVE-2020-36452

An issue was discovered in the array-tools crate before 0.3.2 for Rust. FixedCapacityDequeLike::clone has a drop of uninitialized memory...

CVE-2020-36452

An issue was discovered in the array-tools crate before 0.3.2 for Rust. FixedCapacityDequeLike::clone has a drop of uninitialized memory...

Design/Logic Flaw

An issue was discovered in the array-tools crate before 0.3.2 for Rust. FixedCapacityDequeLike::clone has a drop of uninitialized memory...

CVE-2020-36452

The CVE-2020-36452 issue affects the Rust crate array-tools prior to 0.3.2. The vulnerability is in FixedCapacityDequeLike::clone(), which can drop uninitialized memory, causing memory corruption. CVSS info from NVD shows high to critical impact (base scores 7.5–9.8) with network attack vector an...

CVE-2020-36452

An issue was discovered in the array-tools crate before 0.3.2 for Rust. FixedCapacityDequeLike::clone has a drop of uninitialized memory...

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation.A memory corruption vulnerability exists in versions of Mozilla Rust prior to 0.3.2, which stems from Rust's array-tools crate. for fixedcapacitydequelikes:: clone has an uninitialized memory. An attacker could...