RUSTSEC-2021-0120 abomonation transmutes &T to and from &[u8] without sufficient constraints

This transmute is at the core of the abomonation crates. It's so easy to use it to violate alignment requirements that no test in the crate's test suite passes under miri. The use of this transmute in serialization/deserialization also incorrectly assumes that the layout of a reprRust type is...

abomonation transmutes &T to and from &[u8] without sufficient constraints

This transmute is at the core of the abomonation crates. It's so easy to use it to violate alignment requirements that no test in the crate's test suite passes under miri. The use of this transmute in serialization/deserialization also incorrectly assumes that the layout of a reprRust type is...

Soundness issue in raw-cpuid

VendorInfo::asstring, SoCVendorBrand::asstring, and ExtendedFunctionInfo::processorbrandstring construct byte slices using std::slice::fromrawparts, with data coming from reprRust structs. This is always undefined behavior. This flaw has been fixed in v9.0.0, by making the relevant structs reprC...

GHSA-HVQC-PC78-X9WH Soundness issue in raw-cpuid

VendorInfo::asstring, SoCVendorBrand::asstring, and ExtendedFunctionInfo::processorbrandstring construct byte slices using std::slice::fromrawparts, with data coming from reprRust structs. This is always undefined behavior. This flaw has been fixed in v9.0.0, by making the relevant structs reprC...

GHSA-G4W7-3QR8-5623 Improper type usage in rusqlite

An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated via the reprRust type...

python: Stack-based buffer overflow in PyCArg_repr in _ctypes/callproc.c

A flaw was found in python. A stack-based buffer overflow was discovered in the ctypes module provided within Python. Applications that use ctypes without carefully validating the input passed to it may be vulnerable to this flaw, which would allow an attacker to overflow a buffer on the stack an...

Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely.

...

CVE-2020-35872

An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated via the reprRust type...

CVE-2020-35872

An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated via the reprRust type...

Design/Logic Flaw

An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated via the reprRust type...

CVE-2020-35872

The CVE-2020-35872 entry concerns the rusqlite crate for Rust, before version 0.23.0. The root cause is a memory-safety issue exposed via the repr(Rust) type, which can lead to memory-safety violations. The vulnerability is reflected in high-severity CVSS scores (NVD: CVSS2 7.5; CVSS3.1 9.8) with...

CVE-2020-35872

An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated via the reprRust type...

CVE-2018-20998

An issue was discovered in the arrayfire crate before 3.6.0 for Rust. Addition of the repr attribute to an enum is mishandled, leading to memory corruption...

PYSEC-2019-144

An issue was discovered in the arrayfire crate before 3.6.0 for Rust. Addition of the repr attribute to an enum is mishandled, leading to memory corruption...

PYSEC-2019-144

An issue was discovered in the arrayfire crate before 3.6.0 for Rust. Addition of the repr attribute to an enum is mishandled, leading to memory corruption...

Enum repr causing potential memory corruption

The attribute repr added to enums to be compatible with C-FFI caused memory corruption on MSVC toolchain. arrayfire crates = version 3.5.0 do not have this issue when used with Rust versions 1.27 or earlier. The issue only started to appear since Rust version 1.28. The issue seems to be interlink...

RUSTSEC-2018-0011 Enum repr causing potential memory corruption

The attribute repr added to enums to be compatible with C-FFI caused memory corruption on MSVC toolchain. arrayfire crates = version 3.5.0 do not have this issue when used with Rust versions 1.27 or earlier. The issue only started to appear since Rust version 1.28. The issue seems to be interlink...

Oracle Linux 3 / 4 : python (ELSA-2006-0713)

From Red Hat Security Advisory 2006:0713 : Updated Python packages are now available to correct a security issue in Red Hat Enterprise Linux 3 and 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Python is an interpreted, interactive,...

Gentoo Security Advisory GLSA 200610-07 (python)

The remote host is missing updates announced in advisory GLSA 200610-07. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

python repr unicode buffer overflow

Buffer overflow in the repr function in Python 2.3 through 2.6 before 20060822 allows context-dependent attackers to cause a denial of service and possibly execute arbitrary code via crafted wide character UTF-32/UCS-4 strings to certain scripts...