425 matches found
RUSTSEC-2022-0052 `os_socketaddr` invalidly assumes the memory layout of std::net::SocketAddr
The ossocketaddr crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. These layout were changed into idiomatic rust...
CVE-2021-3695
A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption or eventually arbitrary code execution and circumvent secure boot protections. This issue has a high complexity to be exploited as an...
GHSA-8MV5-7X95-7WCF `mopa` is technically unsound
The mopa crate redefines the deprecated TraitObject struct from core::raw like so: rust reprC deriveCopy, Clone dochidden pub struct TraitObject pub data: mut , pub vtable: mut , This is done to then transmute a reference to a trait object &dyn Trait for any trait Trait into this struct and...
`mopa` is technically unsound
The mopa crate redefines the deprecated TraitObject struct from core::raw like so: rust reprC deriveCopy, Clone dochidden pub struct TraitObject pub data: mut , pub vtable: mut , This is done to then transmute a reference to a trait object &dyn Trait for any trait Trait into this struct and...
GHSA-C79C-GWPH-GQFM `net2` invalidly assumes the memory layout of std::net::SocketAddr
The net2 crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about the...
`net2` invalidly assumes the memory layout of std::net::SocketAddr
The net2 crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about the...
GHSA-2GXJ-QRP2-53JV Incorrect reliance on Trait memory layout in mopa
The mopa crate redefines the deprecated TraitObject struct from core::raw. This is done to then transmute a reference to a trait object &dyn Trait for any trait Trait into this struct and retrieve the data field for the purpose of downcasting. This is used to implement downcastrefunchecked, in...
Incorrect reliance on Trait memory layout in mopa
The mopa crate redefines the deprecated TraitObject struct from core::raw. This is done to then transmute a reference to a trait object &dyn Trait for any trait Trait into this struct and retrieve the data field for the purpose of downcasting. This is used to implement downcastrefunchecked, in...
CVE-2021-45695
An issue was discovered in the mopa crate through 2021-06-01 for Rust. It incorrectly relies on Trait memory layout, possibly leading to future occurrences of arbitrary code execution or ASLR bypass...
CVE-2021-45695
An issue was discovered in the mopa crate through 2021-06-01 for Rust. It incorrectly relies on Trait memory layout, possibly leading to future occurrences of arbitrary code execution or ASLR bypass...
CVE-2021-30656
An access issue was addressed with improved memory management. This issue is fixed in iOS 14.5 and iPadOS 14.5. A malicious application may be able to determine kernel memory layout...
CVE-2021-30656
An access issue was addressed with improved memory management. This issue is fixed in iOS 14.5 and iPadOS 14.5. A malicious application may be able to determine kernel memory layout...
Memory corruption
An access issue was addressed with improved memory management. This issue is fixed in iOS 14.5 and iPadOS 14.5. A malicious application may be able to determine kernel memory layout...
Assumed memory layout of std::net::SocketAddr
The socket2 crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about the...
nb-connect invalidly assumes the memory layout of std::net::SocketAddr
The nb-connect crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about...
GHSA-RM4W-6696-R77P nb-connect invalidly assumes the memory layout of std::net::SocketAddr
The nb-connect crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about...
quinn invalidly assumes the memory layout of std::net::SocketAddr
The quinn crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about the...
GHSA-FHV4-FX3V-77W6 quinn invalidly assumes the memory layout of std::net::SocketAddr
The quinn crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about the...
GHSA-458V-4HRF-G3M4 socket2 invalidly assumes the memory layout of std::net::SocketAddr
The socket2 crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about the...
socket2 invalidly assumes the memory layout of std::net::SocketAddr
The socket2 crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about the...