Lucene search
K

40 matches found

Github Security Blog
Github Security Blog
added 2022/06/16 11:49 p.m.17 views

Channel creates zero value of any type

Affected versions of this crate called mem::zeroed to create values of a user-supplied type T. This is unsound e.g. if T is a reference type which must be non-null. The flaw was corrected by avoiding the use of mem::zeroed, using MaybeUninit instead...

2.8AI score
Exploits0References3Affected Software1
RustSec
RustSec
added 2022/05/10 12:0 p.m.14 views

Parser creates invalid uninitialized value

Affected versions of this crate called mem::uninitialized in the HTTP1 parser to create values of type httparse::Header from the httparse crate. This is unsound, since Header contains references and thus must be non-null. The flaw was corrected by avoiding the use of mem::uninitialized, using...

2AI score
Exploits0Affected Software1
OSV
OSV
added 2022/05/10 12:0 p.m.18 views

RUSTSEC-2022-0020 `SegQueue` creates zero value of any type

Affected versions of this crate called mem::zeroed to create values of a user-supplied type T. This is unsound e.g. if T is a reference type which must be non-null. The flaw was corrected by avoiding the use of mem::zeroed, using MaybeUninit instead...

6.9AI score
Exploits0References3
RustSec
RustSec
added 2022/05/10 12:0 p.m.16 views

Channel creates zero value of any type

Affected versions of this crate called mem::zeroed to create values of a user-supplied type T. This is unsound e.g. if T is a reference type which must be non-null. The flaw was corrected by avoiding the use of mem::zeroed, using MaybeUninit instead...

2.8AI score
Exploits0Affected Software1
RustSec
RustSec
added 2022/05/10 12:0 p.m.18 views

`SegQueue` creates zero value of any type

Affected versions of this crate called mem::zeroed to create values of a user-supplied type T. This is unsound e.g. if T is a reference type which must be non-null. The flaw was corrected by avoiding the use of mem::zeroed, using MaybeUninit instead...

3.1AI score
Exploits0Affected Software1
OSV
OSV
added 2022/05/10 12:0 p.m.10 views

RUSTSEC-2022-0021 `SegQueue` creates zero value of any type

Affected versions of this crate called mem::zeroed to create values of a user-supplied type T. This is unsound e.g. if T is a reference type which must be non-null. The flaw was corrected by avoiding the use of mem::zeroed, using MaybeUninit instead...

6.9AI score
Exploits0References3
OSV
OSV
added 2022/05/10 12:0 p.m.8 views

RUSTSEC-2022-0019 Channel creates zero value of any type

Affected versions of this crate called mem::zeroed to create values of a user-supplied type T. This is unsound e.g. if T is a reference type which must be non-null. The flaw was corrected by avoiding the use of mem::zeroed, using MaybeUninit instead...

6.9AI score
Exploits0References3
RustSec
RustSec
added 2022/05/10 12:0 p.m.18 views

`SegQueue` creates zero value of any type

Affected versions of this crate called mem::zeroed to create values of a user-supplied type T. This is unsound e.g. if T is a reference type which must be non-null. The flaw was corrected by avoiding the use of mem::zeroed, using MaybeUninit instead...

3.1AI score
Exploits0Affected Software1
OSV
OSV
added 2022/01/06 10:20 p.m.48 views

GHSA-55M5-WHCV-C49C Use of Uninitialized Resource in smallvec

Affected versions of this crate called mem::uninitialized to create values of a user-supplied type T. This is unsound e.g. if T is a reference type which must be non-null and thus may not remain uninitialized. The flaw was corrected by avoiding the use of mem::uninitialized, using MaybeUninit...

7.5CVSS7.3AI score0.01389EPSS
Exploits1References7
Github Security Blog
Github Security Blog
added 2022/01/06 10:20 p.m.40 views

Use of Uninitialized Resource in smallvec

Affected versions of this crate called mem::uninitialized to create values of a user-supplied type T. This is unsound e.g. if T is a reference type which must be non-null and thus may not remain uninitialized. The flaw was corrected by avoiding the use of mem::uninitialized, using MaybeUninit...

7.5CVSS7.2AI score0.01389EPSS
Exploits1References7Affected Software1
OSV
OSV
added 2021/08/25 9:0 p.m.20 views

GHSA-66P5-J55P-32R9 smallvec creates uninitialized value of any type

Affected versions of this crate called mem::uninitialized to create values of a user-supplied type T. This is unsound e.g. if T is a reference type which must be non-null and thus may not remain uninitialized. The flaw was corrected by avoiding the use of mem::uninitialized, using MaybeUninit...

7.5CVSS7.4AI score0.01389EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2021/08/25 9:0 p.m.14 views

smallvec creates uninitialized value of any type

Affected versions of this crate called mem::uninitialized to create values of a user-supplied type T. This is unsound e.g. if T is a reference type which must be non-null and thus may not remain uninitialized. The flaw was corrected by avoiding the use of mem::uninitialized, using MaybeUninit...

3.8AI score
Exploits0References4Affected Software1
Github Security Blog
Github Security Blog
added 2021/08/25 8:44 p.m.21 views

Exposure of uninitialized memory in memoffset

Affected versions of this crate caused traps and/or memory unsafety by zero-initializing references. They also could lead to uninitialized memory being dropped if the field for which the offset is requested was behind a deref coercion, and that deref coercion caused a panic. The flaw was correcte...

7.5CVSS7.2AI score0.01751EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2021/08/25 8:44 p.m.46 views

GHSA-RH89-X75F-RH3C Exposure of uninitialized memory in memoffset

Affected versions of this crate caused traps and/or memory unsafety by zero-initializing references. They also could lead to uninitialized memory being dropped if the field for which the offset is requested was behind a deref coercion, and that deref coercion caused a panic. The flaw was correcte...

7.5CVSS7.3AI score0.01751EPSS
Exploits0References4
RustSec
RustSec
added 2020/12/31 12:0 p.m.17 views

`impl Random` on arrays can lead to dropping uninitialized memory

Affected versions of this crate had a panic safety issue to drop partially uninitialized array of T upon panic in a user provided function T::random. Dropping uninitialized T can potentially cause memory corruption or undefined behavior. The flaw was corrected in commit 565d508 by using MaybeUnin...

7.8CVSS2.9AI score0.00426EPSS
Exploits1Affected Software1
OSV
OSV
added 2020/05/07 12:0 p.m.10 views

RUSTSEC-2020-0161 `array!` macro is unsound in presence of traits that implement methods it calls internally

Affected versions of this crate called some methods using auto-ref. The affected code looked like this. rust let mut arr = $crate::core::mem::MaybeUninit::uninit; let mut vec = $crate::ArrayVec::::newarr.asmutptr as mut T; In this case, the problem is that asmutptr is a method of &mut MaybeUninit...

7.1AI score
Exploits0References3
RustSec
RustSec
added 2019/07/16 12:0 p.m.23 views

Flaw in offset_of and span_of causes SIGILL, drops uninitialized memory of arbitrary type on panic in client code

Affected versions of this crate caused traps and/or memory unsafety by zero-initializing references. They also could lead to uninitialized memory being dropped if the field for which the offset is requested was behind a deref coercion, and that deref coercion caused a panic. The flaw was correcte...

7.5CVSS3.6AI score0.01751EPSS
Exploits0Affected Software1
OSV
OSV
added 2019/07/16 12:0 p.m.29 views

RUSTSEC-2019-0011 Flaw in offset_of and span_of causes SIGILL, drops uninitialized memory of arbitrary type on panic in client code

Affected versions of this crate caused traps and/or memory unsafety by zero-initializing references. They also could lead to uninitialized memory being dropped if the field for which the offset is requested was behind a deref coercion, and that deref coercion caused a panic. The flaw was correcte...

7.5CVSS7.3AI score0.01751EPSS
Exploits0References3
RustSec
RustSec
added 2018/09/25 12:0 p.m.15 views

smallvec creates uninitialized value of any type

Affected versions of this crate called mem::uninitialized to create values of a user-supplied type T. This is unsound e.g. if T is a reference type which must be non-null and thus may not remain uninitialized. The flaw was corrected by avoiding the use of mem::uninitialized, using MaybeUninit...

7.5CVSS3.8AI score0.01389EPSS
Exploits1Affected Software1
OSV
OSV
added 2018/09/25 12:0 p.m.17 views

RUSTSEC-2018-0018 smallvec creates uninitialized value of any type

Affected versions of this crate called mem::uninitialized to create values of a user-supplied type T. This is unsound e.g. if T is a reference type which must be non-null and thus may not remain uninitialized. The flaw was corrected by avoiding the use of mem::uninitialized, using MaybeUninit...

7.5CVSS7.4AI score0.01389EPSS
Exploits1References3
Rows per page
Query Builder