28 matches found
EUVD-2021-1784
Malware in sbrugna...
EUVD-2021-1761
Malware in sbrugna...
EUVD-2022-0714
Malicious code in bioql PyPI...
CVE-2021-26306
An issue was discovered in the raw-cpuid crate before 9.0.0 for Rust. It has unsound transmute calls within asstring methods...
CVE-2021-26307
An issue was discovered in the raw-cpuid crate before 9.0.0 for Rust. It allows cpuidcount calls even if the processor does not support the CPUID instruction, which is unsound and causes a deterministic crash...
GHSA-W428-F65R-H4Q2 Deserialization of Untrusted Data in rust-cpuid
An issue was discovered in the raw-cpuid crate before 9.1.1 for Rust. If the serialize feature is used which is not the the default, a Deserialize operation may lack sufficient validation, leading to memory corruption or a panic...
Rust raw-cpuid crate has an unspecified vulnerability
Rust raw-cpuid crate is a library for parsing x86 CPUID instructions, written in rust, with no external dependencies. The implementation is very similar to the Intel CPUID manual description. The library only depends on libcore. versions prior to Rust raw-cpuid crate 9.1.1 have security...
CVE-2021-45687
An issue was discovered in the raw-cpuid crate before 9.1.1 for Rust. If the serialize feature is used which is not the the default, a Deserialize operation may lack sufficient validation, leading to memory corruption or a panic...
CVE-2021-45687
An issue was discovered in the raw-cpuid crate before 9.1.1 for Rust. If the serialize feature is used which is not the the default, a Deserialize operation may lack sufficient validation, leading to memory corruption or a panic...
Memory corruption
An issue was discovered in the raw-cpuid crate before 9.1.1 for Rust. If the serialize feature is used which is not the the default, a Deserialize operation may lack sufficient validation, leading to memory corruption or a panic...
Rust raw-cpuid crate 输入验证错误漏洞
Rust raw-cpuid crate is a library for parsing x86 CPUID instructions, written in rust, with no external dependencies. The implementation is very similar to the Intel CPUID manual description. The library only depends on libcore. versions prior to Rust raw-cpuid crate 9.1.1 have security...
CVE-2021-45687
An issue was discovered in the raw-cpuid crate before 9.1.1 for Rust. If the serialize feature is used which is not the the default, a Deserialize operation may lack sufficient validation, leading to memory corruption or a panic...
CVE-2021-45687
The CVE-2021-45687 issue affects the Rust raw-cpuid crate prior to 9.1.1. When the non-default serialize feature is enabled, Deserialize may lack sufficient validation, causing memory corruption or a panic. Versions before 9.1.1 are vulnerable; upgrading to 9.1.1 or later is the supported remedia...
Soundness issue in raw-cpuid
VendorInfo::asstring, SoCVendorBrand::asstring, and ExtendedFunctionInfo::processorbrandstring construct byte slices using std::slice::fromrawparts, with data coming from reprRust structs. This is always undefined behavior. This flaw has been fixed in v9.0.0, by making the relevant structs reprC...
GHSA-HVQC-PC78-X9WH Soundness issue in raw-cpuid
VendorInfo::asstring, SoCVendorBrand::asstring, and ExtendedFunctionInfo::processorbrandstring construct byte slices using std::slice::fromrawparts, with data coming from reprRust structs. This is always undefined behavior. This flaw has been fixed in v9.0.0, by making the relevant structs reprC...
GHSA-JRF8-CMGG-GV2M Error on unsupported architectures in raw-cpuid
nativecpuid::cpuidcount exposes the unsafe cpuidcount intrinsic from core::arch::x86 or core::arch::x8664 as a safe function, and uses it internally, without checking the safety requirement: The CPU the program is currently running on supports the function being called. CPUID is available in most...
Unspecified Vulnerability in Rust (CNVD-2021-13683)
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in the raw-cpuid crate function in versions of Rust prior to 9.0.0 that allows the cpuid count call to be made even if the processor does not support the cpuid directive, ultimate...
CVE-2021-26306
An issue was discovered in the raw-cpuid crate before 9.0.0 for Rust. It has unsound transmute calls within asstring methods...
CVE-2021-26306
An issue was discovered in the raw-cpuid crate before 9.0.0 for Rust. It has unsound transmute calls within asstring methods...
CVE-2021-26307
An issue was discovered in the raw-cpuid crate before 9.0.0 for Rust. It allows cpuidcount calls even if the processor does not support the CPUID instruction, which is unsound and causes a deterministic crash...