10 matches found
EUVD-2022-0679
Malicious code in bioql PyPI...
Duplicate Advisory: `Read` on uninitialized buffer may cause UB ('tectonic_xdv' crate)
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-qwvx-c8j7-5g75. This link is maintained to preserve external references. Original Description: Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation. Arbitrary Read...
GHSA-QWVX-C8J7-5G75 Use of Uninitialized Resource in tectonic_xdv
Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and can also return an incorrect number of bytes written to the buffer. Reading from uninitialized memory...
Use of Uninitialized Resource in tectonic_xdv
Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and can also return an incorrect number of bytes written to the buffer. Reading from uninitialized memory...
Mozilla Rust has an unspecified vulnerability (CNVD-2022-03127)
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in versions of the Rust tectonic_xdv crate prior to 0.1.12, which stems from the fact that XdvParser::::process can read data from uninitialized memory locations. No detailed vulnerability details ar...
CVE-2021-45703
An issue was discovered in the tectonic_xdv crate before 0.1.12 for Rust. XdvParser::::process may read from uninitialized memory locations...
Rust security vulnerability
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in versions of the Rust tectonic_xdv crate prior to 0.1.12, which stems from the fact that XdvParser::::process can read data from uninitialized memory locations. No detailed vulnerability details ar...
CVE-2021-45703
The CVE-2021-45703 entry concerns the Rust crate tectonic_xdv (pre-0.1.12). The issue is that XdvParser::::process may read from uninitialized memory locations, which can lead to undefined behavior. Affected versions are before 0.1.12; the fixed version is 0.1.12. No exploit details are provided ...
CVE-2021-45703
An issue was discovered in the tectonic_xdv crate before 0.1.12 for Rust. XdvParser::::process may read from uninitialized memory locations...
`Read` on uninitialized buffer may cause UB ('tectonic_xdv' crate)
Affected versions of this crate pass an uninitialized buffer to a user-provided Read implementation. Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and can also return an incorrect number of bytes written to the buffer. Reading from uninitialized memory...