11 matches found
CVE-2021-27376
An issue was discovered in the nb-connect crate before 1.0.3 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures...
EUVD-2021-1871
Malware in sbrugna...
nb-connect invalidly assumes the memory layout of std::net::SocketAddr
The nb-connect crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about...
GHSA-RM4W-6696-R77P nb-connect invalidly assumes the memory layout of std::net::SocketAddr
The nb-connect crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about...
CVE-2021-27376
An issue was discovered in the nb-connect crate before 1.0.3 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures...
CVE-2021-27376
An issue was discovered in the nb-connect crate before 1.0.3 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures...
Information disclosure
An issue was discovered in the nb-connect crate before 1.0.3 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures...
CVE-2021-27376
An issue was discovered in the nb-connect crate before 1.0.3 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures...
CVE-2021-27376
CVE-2021-27376 affects the Rust crate nb-connect , file/socket handling. The issue arises from a direct cast of std::net::SocketAddrV4 and SocketAddrV6, relying on the wrong assumption about memory layout, which can lead to invalid memory access. The Red Hat and GHSA/RustSec entries confirm the r...
Rust nb-connect buffer error vulnerability
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust nb-connect. The vulnerability stems from a forced data type conversion using std::net::SocketAddrV4 and std::net::SocketAddrV6 in some versions of the standard library,...
RUSTSEC-2021-0021 `nb-connect` invalidly assumes the memory layout of std::net::SocketAddr
The nb-connect crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about...