CVE-2018-20991

An issue was discovered in the smallvec crate before 0.6.3 for Rust. The Iterator implementation mishandles destructors, leading to a double free...

CVE-2018-20991

An issue was discovered in the smallvec crate before 0.6.3 for Rust. The Iterator implementation mishandles destructors, leading to a double free...

UBUNTU-CVE-2018-20991

An issue was discovered in the smallvec crate before 0.6.3 for Rust. The Iterator implementation mishandles destructors, leading to a double free...

Double free

An issue was discovered in the smallvec crate before 0.6.3 for Rust. The Iterator implementation mishandles destructors, leading to a double free...

CVE-2018-20991

An issue was discovered in the smallvec crate before 0.6.3 for Rust. The Iterator implementation mishandles destructors, leading to a double free...

CVE-2018-20991

An issue was discovered in the smallvec crate before 0.6.3 for Rust. The Iterator implementation mishandles destructors, leading to a double free...

CVE-2018-20991

The CVE-2018-20991 issue affects the Rust smallvec crate up to version 0.6.3. The root cause is an Iterator implementation that mishandles destructors, which can lead to a double free. This vulnerability is documented as affecting smallvec prior to 0.6.3, with multiple advisories (OSV, NVD) confi...

DEBIAN-CVE-2019-1010299

The Rust Programming Language Standard Library 1.18.0 and later is affected by: CWE-200: Information Exposure. The impact is: Contents of uninitialized memory could be printed to string or to log file. The component is: Debug trait implementation for std::collections::vecdeque::Iter. The attack...

Design/Logic Flaw

The Rust Programming Language Standard Library 1.18.0 and later is affected by: CWE-200: Information Exposure. The impact is: Contents of uninitialized memory could be printed to string or to log file. The component is: Debug trait implementation for std::collections::vecdeque::Iter. The attack...

Monero: Potential use-after-free due to struct array_entry_t lacking an explicit copy constructor

struct arrayentryt in contrib/epee/include/storages/portablestoragebase.h does not implement a copy constructor. Wherever there is code that attempts to copy-construct arrayentryt, the compiler inserts a copy constructor for arrayentryt that merely copies over the values. The struct possesses an...

Possible use-after-free with `proplist::Iterator`

Affected versions contained a possible use-after-free issue with property list iteration due to a lack of a lifetime constraint tying the lifetime of a proplist::Iterator to the Proplist object for which it was created. This made it possible for users, without experiencing a compiler error/warnin...

RUSTSEC-2018-0020 Possible use-after-free with `proplist::Iterator`

Affected versions contained a possible use-after-free issue with property list iteration due to a lack of a lifetime constraint tying the lifetime of a proplist::Iterator to the Proplist object for which it was created. This made it possible for users, without experiencing a compiler error/warnin...

PT-2018-15602 · Pulseaudio · Libpulse

Name of the Vulnerable Software and Affected Versions: libpulse-binding versions prior to 2.5.0 Description: The issue is related to a use-after-free problem with property list iteration due to a lack of a lifetime constraint tying the lifetime of a proplist::Iterator to the Proplist object for...

CVE-2018-6088

An iterator-invalidation bug in PDFium in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file...

CVE-2018-6088

An iterator-invalidation bug in PDFium in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file...

UBUNTU-CVE-2018-6088

An iterator-invalidation bug in PDFium in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file...

CVE-2018-6088

CVE-2018-6088 affects Google Chrome/Chromium via a use-after-free in the PDFium library. The issue allows remote code execution inside the sandbox when processing crafted PDFs, currently mitigated by updating to Chrome/Chromium 66.0.3359.117 (and similarly updated Chromium packages in Debian/Fedo...

CVE-2018-6088

Removed by vendor...

UBUNTU-CVE-2018-16057

In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations...

DEBIAN-CVE-2018-16057

In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations...