SUSE CVE-2020-35905

An issue was discovered in the futures-util crate before 0.3.7 for Rust. MutexGuard::map can cause a data race for certain closure situations in safe code...

Unsound API in `secp256k1` allows use-after-free and invalid deallocation from safe code

Because of incorrect bounds on method Secp256k1::preallocatedgennew it was possible to cause use-after-free from safe consumer code. It was also possible to "free" memory not allocated by the appropriate allocator. The method takes a place for storing the context as a mutable reference and return...

RUSTSEC-2022-0070 Unsound API in `secp256k1` allows use-after-free and invalid deallocation from safe code

Because of incorrect bounds on method Secp256k1::preallocatedgennew it was possible to cause use-after-free from safe consumer code. It was also possible to "free" memory not allocated by the appropriate allocator. The method takes a place for storing the context as a mutable reference and return...

GHSA-3JCH-9QGP-4844 Generated code can read and write out of bounds in safe code

Code generated by flatbuffers' compiler is unsafe but not marked as such. See https://github.com/google/flatbuffers/issues/6627 for details. All users that use generated code by flatbuffers compiler are recommended to: 1. not expose flatbuffer generated code as part of their public APIs 2. audit...

GHSA-5J8W-R7G8-5472 Arrow2 allows double free in `safe` code

The struct FfiArrowArray implements deriveClone that is inconsistent with its custom implementation of Drop, resulting in a double free when cloned. Cloning this struct in safe results in a segmentation fault, which is unsound. This derive was removed from this struct. All users are advised to...

Arrow2 allows double free in `safe` code

The struct FfiArrowArray implements deriveClone that is inconsistent with its custom implementation of Drop, resulting in a double free when cloned. Cloning this struct in safe results in a segmentation fault, which is unsound. This derive was removed from this struct. All users are advised to...

`DecimalArray` does not perform bound checks on accessing values and offsets

DecimalArray performs insufficient bounds checks, which allows out-of-bounds reads in safe code if the lenght of the backing buffer is not a multiple of 16...

GHSA-R7CJ-WMWV-HFW5 `BinaryArray` does not perform bound checks on reading values and offsets

BinaryArray performs insufficient validation on creation, which allows out-of-bounds reads in safe code...

RUSTSEC-2022-0012 Arrow2 allows double free in `safe` code

The struct FfiArrowArray implements deriveClone that is inconsistent with its custom implementation of Drop, resulting in a double free when cloned. Cloning this struct in safe results in a segmentation fault, which is unsound. This derive was removed from this struct. All users are advised to...

Arrow2 allows double free in `safe` code

The struct FfiArrowArray implements deriveClone that is inconsistent with its custom implementation of Drop, resulting in a double free when cloned. Cloning this struct in safe results in a segmentation fault, which is unsound. This derive was removed from this struct. All users are advised to...

RUSTSEC-2021-0117 `DecimalArray` does not perform bound checks on accessing values and offsets

DecimalArray performs insufficient bounds checks, which allows out-of-bounds reads in safe code if the length of the backing buffer is not a multiple of 16...

`FixedSizeBinaryArray` does not perform bound checks on accessing values and offsets

FixedSizeBinaryArray performs insufficient bounds checks, which allows out-of-bounds reads in safe code...

`BinaryArray` does not perform bound checks on reading values and offsets

BinaryArray performs insufficient validation on creation, which allows out-of-bounds reads in safe code...

RUSTSEC-2021-0116 `BinaryArray` does not perform bound checks on reading values and offsets

BinaryArray performs insufficient validation on creation, which allows out-of-bounds reads in safe code...

RUSTSEC-2021-0118 `FixedSizeBinaryArray` does not perform bound checks on accessing values and offsets

FixedSizeBinaryArray performs insufficient bounds checks, which allows out-of-bounds reads in safe code...

ordered_float:NotNan may contain NaN after panic in assignment operators

After using an assignment operators such as NotNan::addassign, NotNan::mulassign, etc., it was possible for the resulting NotNan value to contain a NaN. This could cause undefined behavior in safe code, because the safe NotNan::cmp method contains internal unsafe code that assumes the value is...

GHSA-GX73-2498-R55C Unsound casting in flatbuffers

The implementation of impl Follow for bool allows to reinterpret arbitrary bytes as a bool. In Rust bool has stringent requirements for its in-memory representation. Use of this function allows to violate these requirements and invoke undefined behaviour in safe code...

Unsound casting in flatbuffers

The implementation of impl Follow for bool allows to reinterpret arbitrary bytes as a bool. In Rust bool has stringent requirements for its in-memory representation. Use of this function allows to violate these requirements and invoke undefined behaviour in safe code...

RUSTSEC-2021-0089 Optional `Deserialize` implementations lacking validation

When activating the non-default feature serialize, most structs implement serde::Deserialize without sufficient validation. This allows breaking invariants in safe code, leading to: Undefined behavior in asstring methods which use std::str::fromutf8unchecked internally. Panics due to failed...

Rust Competition Condition Problem Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust futures-util crate before 0.3.7, which stems from the fact that MutexGuard::map can lead to data contention in certain closure cases in safe code...