EUVD-2021-1890

Malware in sbrugna...

Design/Logic Flaw

An issue was discovered in the rocket crate before 0.4.7 for Rust. uri::Formatter can have a use-after-free if a user-provided function panics...

Rust 资源管理错误漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in rocket crate for Rust prior to version 0.4.7, which stems from the fact that if a user-supplied function appears to be panic, the uri::Formatter can be...

Use after free possible in `uri::Formatter` on panic

Affected versions of this crate transmuted a &str to a &'static str before pushing it into a StackVec, this value was then popped later in the same function. This was assumed to be safe because the reference would be valid while the method's stack was active. In between the push and the pop,...

RUSTSEC-2021-0044 Use after free possible in `uri::Formatter` on panic

Affected versions of this crate transmuted a &str to a &'static str before pushing it into a StackVec, this value was then popped later in the same function. This was assumed to be safe because the reference would be valid while the method's stack was active. In between the push and the pop,...