Lucene search
K

73 matches found

RedHat Linux
RedHat Linux
added 2021/08/10 7:28 a.m.3 views

rust: optimization for joining strings can cause uninitialized bytes to be exposed

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

8.2CVSS5.8AI score0.02025EPSS
Exploits0References4
Veracode
Veracode
added 2021/05/06 11:19 a.m.33 views

Denial Of Service (DoS)

Rust is vulnerable to denial of service. The optimization for joining strings can cause uninitialized bytes to be exposed or lead to an application crash...

8.2CVSS2.5AI score0.02025EPSS
Exploits0References11Affected Software2
CNVD
CNVD
added 2021/05/06 12:0 a.m.12 views

Mozilla Rust Formatting String Error Vulnerability

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A format string error vulnerability exists in the standard library in versions of Rust prior to 1.52.0, which stems from the fact that if the length of a borrowed string is changed after checking it, it could...

8.2CVSS6.3AI score0.02025EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2021/04/23 7:0 a.m.5 views

In the standard library in Rust before 1.52.0 there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.

...

8.2CVSS7AI score0.02025EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2021/04/16 2:31 p.m.30 views

CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

8.2CVSS3.2AI score0.02025EPSS
Exploits0References3
OSV
OSV
added 2021/04/14 7:15 a.m.4 views

ALPINE-CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

8.2CVSS6.9AI score0.02025EPSS
Exploits0References1
NVD
NVD
added 2021/04/14 7:15 a.m.24 views

CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

8.2CVSS0.02025EPSS
Exploits0References7
OSV
OSV
added 2021/04/14 7:15 a.m.28 views

CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

8.2CVSS6.5AI score
Exploits0References7
OSV
OSV
added 2021/04/14 7:15 a.m.2 views

DEBIAN-CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

8.2CVSS7.6AI score0.02025EPSS
Exploits0References1
OSV
OSV
added 2021/04/14 7:15 a.m.8 views

UBUNTU-CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

8.2CVSS7.2AI score0.02025EPSS
Exploits0References4
Prion
Prion
added 2021/04/14 7:15 a.m.18 views

Design/Logic Flaw

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

6.4CVSS8.4AI score0.02025EPSS
Exploits0References7Affected Software2
Cvelist
Cvelist
added 2021/04/14 6:10 a.m.22 views

CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

8.8AI score0.02025EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2021/04/14 6:10 a.m.23 views

CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

8.2CVSS8.1AI score0.02025EPSS
Exploits0
AlpineLinux
AlpineLinux
added 2021/04/14 6:10 a.m.36 views

CVE-2020-36323

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed or the program to crash if the borrowed string changes after its length is checked...

8.2CVSS9AI score0.02025EPSS
Exploits0
CNNVD
CNNVD
added 2021/04/14 12:0 a.m.4 views

Rust 格式化字符串错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A format string error vulnerability exists in the standard library in versions of Rust prior to 1.52.0, which stems from the fact that if the length of a borrowed string is changed after checking it, it could...

8.2CVSS5.6AI score0.02025EPSS
Exploits0References10
OSV
OSV
added 2021/03/26 9:15 p.m.10 views

CVE-2020-25578

In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12.2-RELEASE before p3, 12.1-RELEASE before p13 and 11.4-RELEASE before p7 several file systems were not properly initializing the doff field of the dirent structures returned by VOPREADDIR. In particular, tmpfs5, smbfs5, autofs5...

5.3CVSS6.6AI score
Exploits0References2
OSV
OSV
added 2021/03/26 9:15 p.m.7 views

CVE-2020-25579

In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12.2-RELEASE before p3, 12.1-RELEASE before p13 and 11.4-RELEASE before p7 msdosfs5 was failing to zero-fill a pair of padding fields in the dirent structure, resulting in a leak of three uninitialized bytes...

5.3CVSS6.6AI score0.01117EPSS
Exploits2References2
Cvelist
Cvelist
added 2021/03/26 8:44 p.m.29 views

CVE-2020-25579

In FreeBSD 12.2-STABLE before r368969, 11.4-STABLE before r369047, 12.2-RELEASE before p3, 12.1-RELEASE before p13 and 11.4-RELEASE before p7 msdosfs5 was failing to zero-fill a pair of padding fields in the dirent structure, resulting in a leak of three uninitialized bytes...

5.1AI score0.01117EPSS
Exploits2References2
Debian CVE
Debian CVE
added 2021/03/26 8:44 p.m.19 views

CVE-2020-25579

Removed by vendor...

5.3CVSS5.6AI score0.01117EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2021/03/11 12:0 a.m.4 views

PT-2022-6828 · Haproxy +6 · Haproxy +6

Name of the Vulnerable Software and Affected Versions: HAProxy versions 2.1 through 2.7 before 2.7.1 HAProxy version 2.2 before 2.2.27 HAProxy version 2.3 HAProxy version 2.4 before 2.4.21 HAProxy version 2.5 before 2.5.11 HAProxy version 2.6 before 2.6.8 Description: An information leak issue wa...

9.1CVSS6.6AI score0.60727EPSS
Exploits7References63
Rows per page
Query Builder