20 matches found
EUVD-2021-1710
Malware in sbrugna...
CVE-2020-25016
A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to for example dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations...
Linux Distros Unpatched Vulnerability : CVE-2020-25016
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to for example dereferencing of arbitrary pointers or disclosure of...
GHSA-V8GQ-5GRQ-9728 mozjpeg DecompressScanlines::read_scanlines is Unsound
This issue and vector is similar to RUSTSEC-2020-0029 of rgb crate which mozjpeg depends on. Affected versions of mozjpeg crate allow creating instances of any type T from bytes, and do not correctly constrain T to the types for which it is safe to do so. Examples of safety violation possible for...
GHSA-G4RW-8M5Q-6453 Out of bounds access in rgb
Affected versions of rgb crate allow viewing and modifying data of any type T wrapped in RGB as bytes, and do not correctly constrain RGB and other wrapper structures to the types for which it is safe to do so. Safety violation possible for a type wrapped in RGB and similar wrapper structures: If...
Out of bounds access in rgb
Affected versions of rgb crate allow viewing and modifying data of any type T wrapped in RGB as bytes, and do not correctly constrain RGB and other wrapper structures to the types for which it is safe to do so. Safety violation possible for a type wrapped in RGB and similar wrapper structures: If...
Rust Cross-Site Scripting Vulnerability
Rust is a general-purpose, compiled programming language. A cross-site scripting vulnerability exists in versions prior to rgb crate 0.8.20, which stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit this vulnerability to read and write data i...
CVE-2020-25016
A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to for example dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations...
CVE-2020-25016
A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to for example dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations...
DEBIAN-CVE-2020-25016
A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to for example dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations...
Information disclosure
A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to for example dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations...
CVE-2020-25016
A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to for example dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations...
UBUNTU-CVE-2020-25016
A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to for example dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations...
CVE-2020-25016
A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to for example dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations...
CVE-2020-25016
A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to for example dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations...
CVE-2020-25016
CVE-2020-25016 affects the rgb crate for Rust, up to and including versions before 0.8.20. The vulnerability arises because RGB wrappers allow treating underlying data as bytes, enabling reading/writing of memory as raw bytes. This can lead to dereferencing arbitrary pointers or disclosure of uni...
mozjpeg DecompressScanlines::read_scanlines is Unsound
This issue and vector is similar to RUSTSEC-2020-0029 of rgb crate which mozjpeg depends on. Affected versions of mozjpeg crate allow creating instances of any type T from bytes, and do not correctly constrain T to the types for which it is safe to do so. Examples of safety violation possible for...
RUSTSEC-2020-0165 mozjpeg DecompressScanlines::read_scanlines is Unsound
This issue and vector is similar to RUSTSEC-2020-0029 of rgb crate which mozjpeg depends on. Affected versions of mozjpeg crate allow creating instances of any type T from bytes, and do not correctly constrain T to the types for which it is safe to do so. Examples of safety violation possible for...
Allows viewing and modifying arbitrary structs as bytes
Affected versions of rgb crate allow viewing and modifying data of any type T wrapped in RGB as bytes, and do not correctly constrain RGB and other wrapper structures to the types for which it is safe to do so. Safety violation possible for a type wrapped in RGB and similar wrapper structures: If...
RUSTSEC-2020-0029 Allows viewing and modifying arbitrary structs as bytes
Affected versions of rgb crate allow viewing and modifying data of any type T wrapped in RGB as bytes, and do not correctly constrain RGB and other wrapper structures to the types for which it is safe to do so. Safety violation possible for a type wrapped in RGB and similar wrapper structures: If...