EUVD-2021-1902

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-35861

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the bumpalo crate before 3.2.1 for Rust. The realloc feature allows the reading of unknown memory. Attackers can potentially read...

CVE-2020-35861

An issue was discovered in the bumpalo crate before 3.2.1 for Rust. The realloc feature allows the reading of unknown memory. Attackers can potentially read cryptographic keys...

afterglow (>=0.1.0 <=0.3.0), aiid_js (=0.0.1) +47 more potentially affected by unknown CVE via bumpalo (=2.6.0)

bumpalo CARGO version =2.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on bumpalo and may be impacted: - afterglow =0.1.0, =0.5.4, =0.1.0, =3.0.0, =4.0.2, =0.114.0, =0.114.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.1, =0.6.1 and more Source cves: unkno...

GHSA-F85W-WVC7-CRWC bumpalo has use-after-free due to a lifetime error in `Vec::into_iter()`

In affected versions of this crate, the lifetime of the iterator produced by Vec::intoiter is not constrained to the lifetime of the Bump that allocated the vector's memory. Using the iterator after the Bump is dropped causes use-after-free accesses. The following example demonstrates memory...

bumpalo has use-after-free due to a lifetime error in `Vec::into_iter()`

In affected versions of this crate, the lifetime of the iterator produced by Vec::intoiter is not constrained to the lifetime of the Bump that allocated the vector's memory. Using the iterator after the Bump is dropped causes use-after-free accesses. The following example demonstrates memory...

RUSTSEC-2022-0078 Use-after-free due to a lifetime error in `Vec::into_iter()`

In affected versions of this crate, the lifetime of the iterator produced by Vec::intoiter is not constrained to the lifetime of the Bump that allocated the vector's memory. Using the iterator after the Bump is dropped causes use-after-free accesses. The following example demonstrates memory...

afterglow (>=0.1.0 <=0.3.0), aiid_js (=0.0.1) +47 more potentially affected by unknown CVE via bumpalo (=2.6.0)

bumpalo CARGO version =2.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on bumpalo and may be impacted: - afterglow =0.1.0, =0.5.4, =0.1.0, =3.0.0, =4.0.2, =0.114.0, =0.114.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.1, =0.6.1 and more Source cves: unkno...

ABC_Game_Engine (>=0.1.0 <=0.1.2), AskAI (=0.1.0) +41208 more potentially affected by CVE-2020-35861 via bumpalo (>=3.14.0 <=3.20.2)

bumpalo CARGO version =3.14.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.6, =0.0.0, =0.1.2, =0.0.0, =0.1.0-beta.1, =0.0.8, =0.1.0 and more Source cves: CVE-2020-35861 Source advisory: OSV:GHSA-VQX7-PW4R-29RR...

Out of bounds read in bumpalo

An issue was discovered in the bumpalo crate before 3.2.1 for Rust. The realloc feature allows the reading of unknown memory. Attackers can potentially read cryptographic keys...

GHSA-VQX7-PW4R-29RR Out of bounds read in bumpalo

An issue was discovered in the bumpalo crate before 3.2.1 for Rust. The realloc feature allows the reading of unknown memory. Attackers can potentially read cryptographic keys...

CVE-2020-35861

An issue was discovered in the bumpalo crate before 3.2.1 for Rust. The realloc feature allows the reading of unknown memory. Attackers can potentially read cryptographic keys...

CVE-2020-35861

An issue was discovered in the bumpalo crate before 3.2.1 for Rust. The realloc feature allows the reading of unknown memory. Attackers can potentially read cryptographic keys...

DEBIAN-CVE-2020-35861

An issue was discovered in the bumpalo crate before 3.2.1 for Rust. The realloc feature allows the reading of unknown memory. Attackers can potentially read cryptographic keys...

Authentication flaw

An issue was discovered in the bumpalo crate before 3.2.1 for Rust. The realloc feature allows the reading of unknown memory. Attackers can potentially read cryptographic keys...

UBUNTU-CVE-2020-35861

An issue was discovered in the bumpalo crate before 3.2.1 for Rust. The realloc feature allows the reading of unknown memory. Attackers can potentially read cryptographic keys...

CVE-2020-35861

An issue was discovered in the bumpalo crate before 3.2.1 for Rust. The realloc feature allows the reading of unknown memory. Attackers can potentially read cryptographic keys...

CVE-2020-35861

An issue was discovered in the bumpalo crate before 3.2.1 for Rust. The realloc feature allows the reading of unknown memory. Attackers can potentially read cryptographic keys...

CVE-2020-35861

The CVE-2020-35861 issue affects the bumpalo crate for Rust, specifically before version 3.2.1. The realloc functionality can read unknown memory, potentially allowing attackers to read cryptographic keys. No exploit details are provided in the initial/connected documents beyond this description....

CVE-2020-35861

An issue was discovered in the bumpalo crate before 3.2.1 for Rust. The realloc feature allows the reading of unknown memory. Attackers can potentially read cryptographic keys...