13 matches found
EUVD-2022-0425
Malicious code in bioql PyPI...
airmash-protocol (>=0.2.0 <=0.3.0), altv-core (=0.1.0) +255 more potentially affected by CVE-2021-45695 via mopa (=0.2.2)
mopa CARGO version =0.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on mopa and may be impacted: - airmash-protocol =0.2.0, =0.5.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.15.3 and more Source cves: CVE-2021-45695...
`mopa` is technically unsound
The mopa crate redefines the deprecated TraitObject struct from core::raw like so: rust reprC deriveCopy, Clone dochidden pub struct TraitObject pub data: mut , pub vtable: mut , This is done to then transmute a reference to a trait object &dyn Trait for any trait Trait into this struct and...
airmash-protocol (>=0.2.0 <=0.3.0), altv-core (=0.1.0) +255 more potentially affected by CVE-2021-45695 via mopa (=0.2.2)
mopa CARGO version =0.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on mopa and may be impacted: - airmash-protocol =0.2.0, =0.5.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.15.3 and more Source cves: CVE-2021-45695...
Incorrect reliance on Trait memory layout in mopa
The mopa crate redefines the deprecated TraitObject struct from core::raw. This is done to then transmute a reference to a trait object &dyn Trait for any trait Trait into this struct and retrieve the data field for the purpose of downcasting. This is used to implement downcastrefunchecked, in...
CVE-2021-45695
An issue was discovered in the mopa crate through 2021-06-01 for Rust. It incorrectly relies on Trait memory layout, possibly leading to future occurrences of arbitrary code execution or ASLR bypass...
CVE-2021-45695
An issue was discovered in the mopa crate through 2021-06-01 for Rust. It incorrectly relies on Trait memory layout, possibly leading to future occurrences of arbitrary code execution or ASLR bypass...
Security feature bypass
An issue was discovered in the mopa crate through 2021-06-01 for Rust. It incorrectly relies on Trait memory layout, possibly leading to future occurrences of arbitrary code execution or ASLR bypass...
CVE-2021-45695
CVE-2021-45695 concerns the Rust crate mopa, which redefines the deprecated TraitObject to downcast trait objects. The core issue is reliance on the memory layout of &dyn Trait, risking memory-layout changes by the compiler and enabling scenarios such as ASLR bypass or even arbitrary code executi...
CVE-2021-45695
An issue was discovered in the mopa crate through 2021-06-01 for Rust. It incorrectly relies on Trait memory layout, possibly leading to future occurrences of arbitrary code execution or ASLR bypass...
airmash-protocol (>=0.2.0 <=0.3.0), altv-core (=0.1.0) +255 more potentially affected by CVE-2021-45695 via mopa (=0.2.2)
mopa CARGO version =0.2.2 is affected by a known vulnerability. The following packages have a transitive dependency on mopa and may be impacted: - airmash-protocol =0.2.0, =0.5.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.15.3 and more Source cves: CVE-2021-45695...
RUSTSEC-2021-0095 `mopa` is technically unsound
The mopa crate redefines the deprecated TraitObject struct from core::raw like so: rust reprC deriveCopy, Clone dochidden pub struct TraitObject pub data: mut , pub vtable: mut , This is done to then transmute a reference to a trait object &dyn Trait for any trait Trait into this struct and...
`mopa` is technically unsound
The mopa crate redefines the deprecated TraitObject struct from core::raw like so: rust reprC deriveCopy, Clone dochidden pub struct TraitObject pub data: mut , pub vtable: mut , This is done to then transmute a reference to a trait object &dyn Trait for any trait Trait into this struct and...