6 matches found
CVE-2026-63308
Helm through 4.2.3, fixed in commit ba6c9a2, contains a denial of service vulnerability in the Files.Lines template helper in pkg/engine/files.go that allows attackers to trigger an index out of range panic by including zero-length byte slices in chart files. Attackers can include empty files in...
Insertion of Sensitive Information into Log File
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File via improper redaction of byte fields in audit logs when relevant subsystems send response parameters as byte slices instead of strings. An attacker can access sensitive information, such...
CVE-2020-25576
An issue was discovered in the randcore crate before 0.4.2 for Rust. Casting of byte slices to integer slices mishandles alignment constraints...
An issue was discovered in the rand_core crate before 0.4.2 for Rust. Casting of byte slices to integer slices mishandles alignment constraints.
...
GHSA-HVQC-PC78-X9WH Soundness issue in raw-cpuid
VendorInfo::asstring, SoCVendorBrand::asstring, and ExtendedFunctionInfo::processorbrandstring construct byte slices using std::slice::fromrawparts, with data coming from reprRust structs. This is always undefined behavior. This flaw has been fixed in v9.0.0, by making the relevant structs reprC...
CVE-2020-25576
An issue was discovered in the randcore crate before 0.4.2 for Rust. Casting of byte slices to integer slices mishandles alignment constraints...