AZL-76721 CVE-2026-25541 affecting package rust 1.90.0-4

Bytes is a utility library for working with bytes. From version 1.2.1 to before 1.11.1, Bytes is vulnerable to integer overflow in BytesMut::reserve. In the unique reclaim path of BytesMut::reserve, if the condition "vcapacity = newcap + offset" uses an unchecked addition. When newcap + offset...

CVE-2026-25541

Bytes is vulnerable in versions 1.2.1–before 1.11.1 due to an integer overflow in BytesMut::reserve. In the unique reclaim path, an unchecked addition in the condition v_capacity >= new_cap + offset can cause new_cap + offset to overflow usize in release builds, making self.cap exceed the actu...

UBUNTU-CVE-2021-3489

The eBPF RINGBUF bpfringbufreserve function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes within the kernel and therefore, arbitrary code execution. This issue was fixed via commit 4b81ccebaeee "bp...

CVE-2018-1000657

Rust Programming Language Rust standard library version Commit bfa0e1f58acf1c28d500c34ed258f09ae021893e and later; stable release 1.3.0 and later contains a Buffer Overflow vulnerability in std::collections::vecdeque::VecDeque::reserve function that can result in Arbitrary code execution, but no...

Design/Logic Flaw

In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function base/PdfVecObjects.h. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted pdf file...