Mozilla Rust Memory Corruption Vulnerability (CNVD-2021-78746)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. a memory corruption vulnerability exists in Mozilla Rust, which stems from Rust's scottqueue crate. for Queue there is an unconditional send and sync implementation, which can be exploited by an attacker to caus...

Gravity null pointer dereference vulnerability (CNVD-2021-89955)

Gravity is a powerful, dynamically typed, lightweight, embedded programming language written in C. A null pointer dereference vulnerability exists in the ircoderegisterpopcontextprotect function in gravityircode.c in Gravity 0.8.1 and earlier versions. An attacker could exploit this vulnerability...

Mozilla Rust Buffer Overflow Vulnerability (CNVD-2021-85295)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. Mozilla Rust is vulnerable to a buffer overflow vulnerability that can be exploited by attackers to cause memory corruption...

Mozilla Rust Command Injection Vulnerability (CNVD-2021-85292)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. Mozilla Rust is vulnerable to a command injection vulnerability that could be exploited by attackers to cause data contention...

Mozilla Rust Buffer Overflow Vulnerability (CNVD-2021-85300)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. Mozilla Rust is vulnerable to a buffer overflow vulnerability that can be exploited by attackers to cause errors in data contention in concurrent programs...

Mozilla Rust Competition Condition Issue Vulnerability (CNVD-2021-85289)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. spacejam mode of Mozilla Rust is vulnerable to a contention condition issue that could be exploited by an attacker to allow secure Rust code to trigger data contention...

[SECURITY] Fedora 34 Update: golang-1.16.8-1.fc34

The Go Programming Language...

Moderate: Red Hat Security Advisory: go-toolset:rhel8 security update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RLSA-2021:3585 Moderate: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: net: incorrect parsing of extraneous zero characters at the beginning of an IP address octet CVE-2021-29923 For more details about the security issues, including the...

[SECURITY] Fedora 33 Update: golang-1.15.15-1.fc33

The Go Programming Language...

Mozilla Rust Memory Corruption Vulnerability (CNVD-2021-71655)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability existed in Rust prior to version 0.9.1. The vulnerability stems from the possibility that program reserved calls could create invalid UTF-8 strings, thereby violating soundness. No detai...

Mozilla Rust Memory Corruption Vulnerability (CNVD-2021-71651)

A security vulnerability exists in Rust, a general-purpose, compiled programming language from the Mozilla Foundation. The vulnerability stems from the fact that programs send features or synchronize features without bounds, so data contention and memory corruption can occur. No details of the...

Mozilla Rust Memory Corruption Vulnerability (CNVD-2021-71658)

Rust, a general-purpose, compiled programming language from the Mozilla Foundation, was previously vulnerable in version 0.5.1. The vulnerability stems from the fact that programs can send non-send types to other threads, which can be exploited by attackers to potentially cause data contention an...

RHEL 7 : go-toolset-1.15-golang (RHSA-2021:3431)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3431 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: net:...

golang: archive/zip: malformed archive may cause panic or memory exhaustion

A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files...

perl bug fix and enhancement update

An update is available for perl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Perl is a high-level programming language that is commonly used for system...

Mozilla Rust Denial of Service Vulnerability (CNVD-2021-61402)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. Mozilla Rust suffers from a denial-of-service vulnerability that can be exploited by attackers to cause data contention by sending specially crafted requests...

Mozilla Rust has an unspecified vulnerability (CNVD-2021-61405)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. a security vulnerability exists in the anymap crate of Mozilla Rust version 0.12.1, which can be exploited by attackers to compromise soundness by converting u8 to u64...

Mozilla Rust Denial of Service Vulnerability (CNVD-2021-61403)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation.A denial-of-service vulnerability exists in the appendix box of Mozilla Rust versions prior to November 15, 2020, which can be exploited by an attacker to cause data contention by sending a specially crafted...

DEBIAN-CVE-2021-29923

Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which in some situations allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR...