RUSTSEC-2026-0174 `Authorization::value` and `WwwAuthenticate::value` can violate ASCII invariants

Authorization::value uses HeaderValue::value with the claim that the internal string is ASCII, but Authorization::new and Authorization::setcredentials accept arbitrary String credentials without validation. As a result, safe code can construct a header value containing non-ASCII UTF-8 while the...

EUVD-2021-1855

Malware in sbrugna...

EUVD-2022-2235

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2020-36205

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the xcb crate through 2020-12-10 for Rust. base::Error does not have soundness. Because of the public ptr field, a use-after-free or...

Linux Distros Unpatched Vulnerability : CVE-2021-26957

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because there is an out-of-bounds read in...

Rust tiny_http crate 环境问题漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. An environmental issue vulnerability exists in tinyhttp crate in versions of Mozilla Rust prior to 2020-06-16, which stems from an HTTP request smuggling can occur via a misformatted transport encoding header. N...