CVE-2021-28028

An issue was discovered in the toodee crate before 0.3.0 for Rust. Row insertion can cause a double free upon an iterator panic...

CVE-2021-28029

An issue was discovered in the toodee crate before 0.3.0 for Rust. The row-insertion feature allows attackers to read the contents of uninitialized memory locations...

EUVD-2021-2133

Malware in sbrugna...

EUVD-2021-2124

Malware in sbrugna...

GHSA-PFP7-VXGR-83PW toodee is vulnerable to Heap Buffer Overflow through its DrainCol Destructor

An off-by-one error in the DrainCol::drop destructor could cause an unsafe memory copy operation to exceed the bounds of the associated vector. The error was related to the size of the data being copied in one of the ptr::copy invocations inside the destructor. When removing the first column from...

toodee is vulnerable to Heap Buffer Overflow through its DrainCol Destructor

An off-by-one error in the DrainCol::drop destructor could cause an unsafe memory copy operation to exceed the bounds of the associated vector. The error was related to the size of the data being copied in one of the ptr::copy invocations inside the destructor. When removing the first column from...

keeshond_editor (>=0.1.0 <=0.13.0), keeshond_migrator (>=0.1.0 <=0.1.1) +2 more potentially affected by unknown CVE via toodee (>=0.2.4 <=0.3.0)

toodee CARGO version =0.2.4, =0.1.0, =0.1.0, =0.10.0, =0.13.0 Source cves: unknown CVE Source advisory: OSV:GHSA-PFP7-VXGR-83PW...

keeshond_editor (>=0.1.0 <=0.13.0), keeshond_migrator (>=0.1.0 <=0.1.1) +2 more potentially affected by unknown CVE via toodee (>=0.2.4 <=0.3.0)

toodee CARGO version =0.2.4, =0.1.0, =0.1.0, =0.10.0, =0.13.0 Source cves: unknown CVE Source advisory: SNYK:RUST-TOODEE-12670801...

Heap-based Buffer Overflow

Overview toodee is an a lightweight and high performance two-dimensional wrapper around a growable Vec. Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the DrainCol::drop destructor. An attacker can cause memory corruption or potentially execute arbitrary code b...

keeshond_editor (>=0.1.0 <=0.13.0), keeshond_migrator (>=0.1.0 <=0.1.1) +2 more potentially affected by unknown CVE via toodee (>=0.2.4 <=0.3.0)

toodee CARGO version =0.2.4, =0.1.0, =0.1.0, =0.10.0, =0.13.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0062...

Heap Buffer Overflow in the DrainCol Destructor

An off-by-one error in the DrainCol::drop destructor could cause an unsafe memory copy operation to exceed the bounds of the associated vector. The error was related to the size of the data being copied in one of the ptr::copy invocations inside the destructor. When removing the first column from...

RUSTSEC-2025-0062 Heap Buffer Overflow in the DrainCol Destructor

An off-by-one error in the DrainCol::drop destructor could cause an unsafe memory copy operation to exceed the bounds of the associated vector. The error was related to the size of the data being copied in one of the ptr::copy invocations inside the destructor. When removing the first column from...

Uninitialized memory access in toodee

An issue was discovered in the toodee crate before 0.3.0 for Rust. The row-insertion feature allows attackers to read the contents of uninitialized memory locations...

keeshond_editor (>=0.1.0 <=0.9.0) potentially affected by CVE-2021-28028 +1 more via toodee (=0.2.4)

toodee CARGO version =0.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on toodee and may be impacted: - keeshondeditor =0.1.0, =0.9.0 Source cves: CVE-2021-28028, CVE-2021-28029 Source advisory: OSV:GHSA-XM9M-2VJ8-FMFR...

GHSA-XM9M-2VJ8-FMFR Uninitialized memory access in toodee

An issue was discovered in the toodee crate before 0.3.0 for Rust. The row-insertion feature allows attackers to read the contents of uninitialized memory locations...

keeshond_editor (>=0.1.0 <=0.9.0) potentially affected by CVE-2021-28028 +1 more via toodee (=0.2.4)

toodee CARGO version =0.2.4 is affected by a known vulnerability. The following packages have a transitive dependency on toodee and may be impacted: - keeshondeditor =0.1.0, =0.9.0 Source cves: CVE-2021-28028, CVE-2021-28029 Source advisory: OSV:GHSA-WCVP-R8J8-47PC...

GHSA-WCVP-R8J8-47PC Double free in toodee

When inserting rows from an iterator at a particular index, toodee would shift items over, duplicating their ownership. The space reserved for the new elements was based on the len returned by the ExactSizeIterator. This could result in elements in the array being freed twice if the iterator...

Double free in toodee

When inserting rows from an iterator at a particular index, toodee would shift items over, duplicating their ownership. The space reserved for the new elements was based on the len returned by the ExactSizeIterator. This could result in elements in the array being freed twice if the iterator...

Rust Resource Management Error Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in toodee crate before 0.3.0 for Rust, which stems from causing a double free when the iterator is panic.No details of the vulnerability are provided at this time...

Unspecified Vulnerability in Rust (CNVD-2021-17265)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in toodee crate before 0.3.0 for Rust, which can be exploited by an attacker to read the contents of uninitialized memory locations...