EUVD-2021-1769

Malware in sbrugna...

CVE-2020-35881

An issue was discovered in the traitobject crate through 2020-06-01 for Rust. It has false expectations about fat pointers, possibly causing memory corruption in, for example, Rust 2.x...

SUSE CVE-2020-35881

An issue was discovered in the traitobject crate through 2020-06-01 for Rust. It has false expectations about fat pointers, possibly causing memory corruption in, for example, Rust 2.x...

acari-lib (>=0.1.1 <=0.1.8), accepted (>=0.2.0 <=0.3.2) +1884 more potentially affected by unknown CVE via traitobject (>=0.0.1 <=0.1.1)

traitobject CARGO version =0.0.1, =0.1.1, =0.2.0, =0.0.6, =0.0.7-alpha.3, =0.0.7-alpha.1, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.4.2 - aigcapi =5.1.2 - aigcchain =5.1.2 - aigcconfig =5.1.2 and more Source cves: unknown CVE Source advisory: OSV:GHSA-PP8R-VV2J-9J5V...

Incorrect reliance on Trait memory layout in mopa

The mopa crate redefines the deprecated TraitObject struct from core::raw. This is done to then transmute a reference to a trait object &dyn Trait for any trait Trait into this struct and retrieve the data field for the purpose of downcasting. This is used to implement downcastrefunchecked, in...

acari-lib (>=0.1.1 <=0.1.8), accepted (>=0.2.0 <=0.3.2) +1884 more potentially affected by unknown CVE via traitobject (>=0.0.1 <=0.1.1)

traitobject CARGO version =0.0.1, =0.1.1, =0.2.0, =0.0.6, =0.0.7-alpha.3, =0.0.7-alpha.1, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.4.2 - aigcapi =5.1.2 - aigcchain =5.1.2 - aigcconfig =5.1.2 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2021-0144...

acme-client (>=0.1.0 <=0.2.0), aerial (=0.1.0) +694 more potentially affected by CVE-2020-35881 via traitobject (>=0.0.1 <=0.0.3)

traitobject CARGO version =0.0.1, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.7.0, =0.1.0, =0.0.1, =0.1.0, =0.5.0, =0.6.5 - arubaripple =0.0.1 and more Source cves: CVE-2020-35881 Source advisory: OSV:GHSA-J79J-CX3H-G27H...

Out of bounds write in traitobject

An issue was discovered in the traitobject crate through 2020-06-01 for Rust. It has false expectations about fat pointers, possibly causing memory corruption in, for example, Rust 2.x...

GHSA-J79J-CX3H-G27H Out of bounds write in traitobject

An issue was discovered in the traitobject crate through 2020-06-01 for Rust. It has false expectations about fat pointers, possibly causing memory corruption in, for example, Rust 2.x...

`mopa` is technically unsound

The mopa crate redefines the deprecated TraitObject struct from core::raw like so: rust reprC deriveCopy, Clone dochidden pub struct TraitObject pub data: mut , pub vtable: mut , This is done to then transmute a reference to a trait object &dyn Trait for any trait Trait into this struct and...

RUSTSEC-2021-0095 `mopa` is technically unsound

The mopa crate redefines the deprecated TraitObject struct from core::raw like so: rust reprC deriveCopy, Clone dochidden pub struct TraitObject pub data: mut , pub vtable: mut , This is done to then transmute a reference to a trait object &dyn Trait for any trait Trait into this struct and...

Mozilla Rust traitobject crate buffer overflow vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in traitobject crate in versions of Mozilla Rust prior to 2020-06-01, which stems from the fact that it incorrectly expects a fat pointer, and can be exploited by an attack...

CVE-2020-35881

An issue was discovered in the traitobject crate through 2020-06-01 for Rust. It has false expectations about fat pointers, possibly causing memory corruption in, for example, Rust 2.x...

CVE-2020-35881

An issue was discovered in the traitobject crate through 2020-06-01 for Rust. It has false expectations about fat pointers, possibly causing memory corruption in, for example, Rust 2.x...

Memory corruption

An issue was discovered in the traitobject crate through 2020-06-01 for Rust. It has false expectations about fat pointers, possibly causing memory corruption in, for example, Rust 2.x...

CVE-2020-35881

CVE-2020-35881 affects the traitobject crate in Rust (through 2020-06-01). The issue stems from incorrect fat-pointer layout assumptions, potentially causing out-of-bounds writes and memory corruption (also described in related advisories such as GHSA-J79J-CX3H-G27H).

CVE-2020-35881

An issue was discovered in the traitobject crate through 2020-06-01 for Rust. It has false expectations about fat pointers, possibly causing memory corruption in, for example, Rust 2.x...

Rust traitobject crate 缓冲区错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in traitobject crate in versions of Mozilla Rust prior to 2020-06-01, which stems from the fact that it incorrectly expects a fat pointer, and can be exploited by an attack...

RUSTSEC-2020-0027 traitobject assumes the layout of fat pointers

This crate gets the data pointer from fat pointers assuming that the first element in a fat pointer is the data pointer. This is currently true, but it may change in a future Rust version, leading to memory corruption. This has been fixed in the master branch of the crate, but is has not been...

acari-lib (>=0.1.1 <=0.1.8), accepted (>=0.2.0 <=0.3.2) +1884 more potentially affected by CVE-2020-35881 via traitobject (>=0.0.1 <=0.1.1)

traitobject CARGO version =0.0.1, =0.1.1, =0.2.0, =0.0.6, =0.0.7-alpha.3, =0.0.7-alpha.1, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.4.2 - aigcapi =5.1.2 - aigcchain =5.1.2 - aigcconfig =5.1.2 and more Source cves: CVE-2020-35881 Source advisory: OSV:RUSTSEC-2020-0027...