Lucene search
+L

7 matches found

vulnrichment
vulnrichment
added 2026/04/20 10:5 a.m.4 views

CVE-2026-6654 Use-After-Free and Double-Free in IntoIter::drop when element drop panics

Double-Free / Use-After-Free UAF in the IntoIter::drop and ThinVec::clear functions in the thinvec crate. A panic in ptr::dropinplace skips setting the length to zero...

5.8AI score0.00168EPSS
Exploits1References1
osv
osv
added 2026/04/20 10:5 a.m.2 views

CVE-2026-6654 Use-After-Free and Double-Free in IntoIter::drop when element drop panics

Double-Free / Use-After-Free UAF in the IntoIter::drop and ThinVec::clear functions in the thinvec crate. A panic in ptr::dropinplace skips setting the length to zero...

5.1CVSS5.9AI score0.00168EPSS
Exploits1References6
osv
osv
added 2026/04/15 7:24 p.m.4 views

GHSA-XPHW-CQX3-667J thin-vec: Use-After-Free and Double Free in IntoIter::drop When Element Drop Panics

Summary A Double Free / Use-After-Free UAF vulnerability has been identified in the IntoIter::drop and ThinVec::clear implementations of the thinvec crate. Both vulnerabilities share the same root cause and can trigger memory corruption using only safe Rust code — no unsafe blocks required...

7.3CVSS6AI score0.00168EPSS
Exploits1References4
osv
osv
added 2026/02/24 9:15 p.m.8 views

CVE-2026-27195 Wasmtime is vulnerable to panic when dropping a `[Typed]Func::call_async` future

Wasmtime is a runtime for WebAssembly. Starting with Wasmtime 39.0.0, the component-model-async feature became the default, which brought with it a new implementation of TypedFunc::callasync which made it capable of calling async-typed guest export functions. However, that implementation had a bu...

6.9CVSS5.4AI score0.00362EPSS
Exploits0References8
redhatcve
redhatcve
added 2025/05/22 7:33 p.m.6 views

CVE-2021-28035

An issue was discovered in the stackdst crate before 0.6.1 for Rust. Because of the pushinner behavior, a drop of uninitialized memory can occur upon a val.clone panic...

9.8CVSS6.8AI score0.01167EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 7:27 p.m.14 views

CVE-2021-25902

An issue was discovered in the glsl-layout crate before 0.4.0 for Rust. When a panic occurs, maparray can perform a double drop...

7.5CVSS6.8AI score0.0139EPSS
Exploits1References1
redhat
redhat
added 2021/08/10 7:28 a.m.6 views

rust: double free in Vec::from_iter function if freeing the element panics

In the standard library in Rust before 1.52.0, a double free can occur in the Vec::fromiter function if freeing the element panics...

9.8CVSS5.8AI score0.0289EPSS
Exploits1References4
Rows per page
Query Builder