33 matches found
EUVD-2008-1544
Malware in sbrugna...
EUVD-2021-1729
Malware in sbrugna...
CVE-2021-38192
An issue was discovered in the prost-types crate before 0.8.0 for Rust. An overflow can occur during conversion from Timestamp to SystemTime...
CVE-2020-35858
An issue was discovered in the prost crate before 0.6.1 for Rust. There is stack consumption via a crafted message, causing a denial of service e.g., x86 or possibly remote code execution e.g., ARM...
GHSA-X4QM-MCJQ-V2GF Overflow in prost-types
Affected versions of this crate contained a bug in which untrusted input could cause an overflow and panic when converting a Timestamp to SystemTime. It is recommended to upgrade to prost-types v0.8 and switch the usage of From for SystemTime to TryFrom for SystemTime...
Overflow in prost-types
Affected versions of this crate contained a bug in which untrusted input could cause an overflow and panic when converting a Timestamp to SystemTime. It is recommended to upgrade to prost-types v0.8 and switch the usage of From for SystemTime to TryFrom for SystemTime...
Out of bounds write in prost
Affected versions of this crate contained a bug in which decoding untrusted input could overflow the stack. On architectures with stack probes like x86, this can be used for denial of service attacks, while on architectures without stack probes like ARM overflowing the stack is unsound and can...
GHSA-GV73-9MWV-FWGQ Out of bounds write in prost
Affected versions of this crate contained a bug in which decoding untrusted input could overflow the stack. On architectures with stack probes like x86, this can be used for denial of service attacks, while on architectures without stack probes like ARM overflowing the stack is unsound and can...
CVE-2021-38192
An issue was discovered in the prost-types crate before 0.8.0 for Rust. An overflow can occur during conversion from Timestamp to SystemTime...
CVE-2021-38192
An issue was discovered in the prost-types crate before 0.8.0 for Rust. An overflow can occur during conversion from Timestamp to SystemTime...
Buffer overflow
An issue was discovered in the prost-types crate before 0.8.0 for Rust. An overflow can occur during conversion from Timestamp to SystemTime...
CVE-2021-38192
CVE-2021-38192 affects the Rust crate prost-types prior to 0.8.0, where converting a Timestamp to SystemTime can overflow and panic. The issue is addressed by upgrading to prost-types v0.8 and switching the From for SystemTime usage to TryFrom for SystemTime. The vulnerability is described across...
RUSTSEC-2021-0073 Conversion from `prost_types::Timestamp` to `SystemTime` can cause an overflow and panic
Affected versions of this crate contained a bug in which untrusted input could cause an overflow and panic when converting a Timestamp to SystemTime. It is recommended to upgrade to prost-types v0.8 and switch the usage of From for SystemTime to TryFrom for SystemTime. See 438 for more informatio...
Unspecified Vulnerability in Mozilla Rust (CNVD-2021-30438)
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability in prost crate in Mozilla Rust versions prior to 0.6.1, which stems from stack consumption via crafted messages, can be exploited by an attacker to cause a denial of service or remote co...
CVE-2020-35858
An issue was discovered in the prost crate before 0.6.1 for Rust. There is stack consumption via a crafted message, causing a denial of service e.g., x86 or possibly remote code execution e.g., ARM...
CVE-2020-35858
An issue was discovered in the prost crate before 0.6.1 for Rust. There is stack consumption via a crafted message, causing a denial of service e.g., x86 or possibly remote code execution e.g., ARM...
Remote code execution
An issue was discovered in the prost crate before 0.6.1 for Rust. There is stack consumption via a crafted message, causing a denial of service e.g., x86 or possibly remote code execution e.g., ARM...
CVE-2020-35858
An issue was discovered in the prost crate before 0.6.1 for Rust. There is stack consumption via a crafted message, causing a denial of service e.g., x86 or possibly remote code execution e.g., ARM...
CVE-2020-35858
The CVE-2020-35858 issue affects the prost crate for Rust prior to 0.6.1, where decoding a crafted message can cause stack consumption leading to denial of service (notably on x86) and potentially remote code execution (e.g., on ARM). The root cause is a stack-related flaw in parsing untrusted in...
Rust 资源管理错误漏洞
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability in prost crate in Mozilla Rust versions prior to 0.6.1, which stems from stack consumption via crafted messages, can be exploited by an attacker to cause a denial of service or remote co...