rust: double free in Vec::from_iter function if freeing the element panics

In the standard library in Rust before 1.52.0, a double free can occur in the Vec::fromiter function if freeing the element panics...

rust: panic safety issue in Zip implementation

In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls iteratorgetunchecked more than once for the same index when the underlying iterator panics in certain conditions. This bug could lead to a memory safety violation due to an unmet safety...

rust: memory safety violation in Zip implementation when next_back() and next() are used together

In the standard library in Rust before 1.52.0, the Zip implementation calls iteratorgetunchecked more than once for the same index under certain conditions when nextback and next are used together. This bug could lead to a memory safety violation due to an unmet safety requirement for the...

rust: integer overflow in the Zip implementation can lead to a buffer overflow

In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again...

Siemens JT Utilities Null Pointer Dereference Vulnerability

Siemens JT Utilities is a software application from Siemens Germany. A security vulnerability exists in Siemens JT Utilities, which can be exploited by an attacker to cause a denial of service condition in an application due to a lack of iterator validity checking when parsing specially designed ...

CVE-2021-33714

A vulnerability has been identified in JT Utilities All versions V13.0.2.0. When parsing specially crafted JT files, a missing check for the validity of an iterator leads to NULL pointer deference condition, causing the application to crash. An attacker could leverage this vulnerability to cause ...

Siemens JT Utilities 代码问题漏洞

Siemens JT Utilities is a software application from Siemens Germany. A security vulnerability exists in Siemens JT Utilities, which can be exploited by an attacker to cause a denial of service condition in an application due to a lack of iterator validity checking when parsing specially designed ...

Updated librsvg packages fix a security vulnerability

This update patches the vendored smallvec Rust crate in librsvg to fix a security vulnerability: The Iterator implementation mishandles destructors, leading to a double free CVE-2021-25900...

XStream: Unsafe deserizaliation of com.sun.tools.javac.processing.JavacProcessingEnvironment NameProcessIterator

A flaw was found in xstream. A remote attacker may be able to load and execute arbitrary code from a remote host only by manipulating the processed input stream. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

In the standard library in Rust before 1.52.0 the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again.

...

In the standard library in Rust before 1.51.0 the Zip implementation calls __iterator_get_unchecked() for the same index more than once when nested. This bug can lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait.

...

CVE-2021-28879

In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again...

In the standard library in Rust before 1.52.0 a double free can occur in the Vec::from_iter function if freeing the element panics.

...

Rust Buffer Overflow Vulnerability (CNVD-2021-31918)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in reorder crate for Rust 2021-02-24 and earlier versions, which stems from a swap index write operation that oversteps its bounds if the len returned by the iterator is to...

Rust buffer overflow vulnerability (CNVD-2021-29835)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in reorder crate for Rust 2021-02-24 and earlier, which stems from the fact that swapindex may return uninitialized values if the len returned by the iterator is too large...

ALPINE-CVE-2021-31162

In the standard library in Rust before 1.52.0, a double free can occur in the Vec::fromiter function if freeing the element panics...

Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in the standard library in versions of Rust prior to 1.53.0, which stems from a double release that occurs in the Vec::fromiter function. No details of the...

DEBIAN-CVE-2021-28879

In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again...

DEBIAN-CVE-2021-28878

In the standard library in Rust before 1.52.0, the Zip implementation calls iteratorgetunchecked more than once for the same index under certain conditions when nextback and next are used together. This bug could lead to a memory safety violation due to an unmet safety requirement for the...

UBUNTU-CVE-2021-28878

In the standard library in Rust before 1.52.0, the Zip implementation calls iteratorgetunchecked more than once for the same index under certain conditions when nextback and next are used together. This bug could lead to a memory safety violation due to an unmet safety requirement for the...