GHSA-J3W3-P6MR-3HRH DynFuture Drop Can Construct a Dangling Reference

DynFuture is unsound because its Drop implementation transmutes a trait-object reference into unrelated reference types, which constructs an invalid reference from trait object metadata. This issue was reproduced against dyn-future 3.0.4 under Miri. The crate is unmaintained...

GHSA-J8CJ-HW74-64JV Hive has Double-free and Use After Free Vulnerabilities

Drop implementation for Hive did perform free, but so did Hive::close, which, at the end of the scope performed Drop, therefore triggering double-free. Additionally, function Hive::fromhandle was not marked as unsafe, making it, in combination with ashandle easy to clone and trigger double-free i...

EUVD-2021-1865

Malware in sbrugna...

CVE-2025-57613

An issue was discovered in rust-ffmpeg 0.3.0 after comit 5ac0527 A null pointer dereference vulnerability in the input constructor function allows an attacker to cause a denial of service. The vulnerability is triggered when the avioalloccontext call fails and returns NULL, which is then stored a...

PT-2025-35577

Name of the Vulnerable Software and Affected Versions: rust-ffmpeg version 0.3.0 Description: A null pointer dereference issue exists in the input constructor function. This can lead to a denial of service when the avio alloc context call fails and returns NULL, which is subsequently dereferenced...

array-init-cursor is unsound when used with types that implement `Drop`

The Drop implementation will get run twice when using the cursor. This issue does not affect you, if you are using only using the crate with types that are Copy such as u8. This issue also does not affect you, if you are only depending on it through the crate planus...

GHSA-67R5-RQWV-9P9Q array-init-cursor is unsound when used with types that implement `Drop`

The Drop implementation will get run twice when using the cursor. This issue does not affect you, if you are using only using the crate with types that are Copy such as u8. This issue also does not affect you, if you are only depending on it through the crate planus...

Unsound sending of non-Send types across threads

Affected versions can run the Drop impl of a non-Send type on a different thread than it was created on. The flaw occurs when a stderr write performed by the threadalone crate fails, for example because stderr is redirected to a location on a filesystem that is full, or because stderr is a pipe...

Mozilla Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in Rust id-map crate 2021-02-26 and earlier versions, which stems from removeset being DOUBLE FREE when an emergency occurs in Drop impl. No detailed vulnerabilit...