Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-4901

Malicious code in bioql PyPI...

6.6AI score
Exploits0References5
RustSec
RustSec
added 2024/12/19 12:0 p.m.4 views

Unsound usages of `Vec::from_raw_parts`

The library provides a public safe API transmutevecasbytes, which incorrectly assumes that any generic type T could have stable layout, causing to uninitialized memory exposure if the users pass any types with padding bytes as T and cast it to u8 pointer. In the issue, we develop a PoC to show...

7AI score
Exploits0Affected Software1
Github Security Blog
Github Security Blog
added 2023/03/07 8:13 p.m.16 views

Maligned causes incorrect deallocation

maligned::alignfirst manually allocates with an alignment larger than T, and then uses Vec::fromrawparts on that allocation to get a Vec. GlobalAlloc::dealloc requires that the layout argument must be the same layout that was used to allocate that block of memory. When deallocating, Box and Vec m...

2.2AI score
Exploits0References4Affected Software1
OSV
OSV
added 2023/03/04 12:0 p.m.13 views

RUSTSEC-2023-0017 `maligned::align_first` causes incorrect deallocation

maligned::alignfirst manually allocates with an alignment larger than T, and then uses Vec::fromrawparts on that allocation to get a Vec. GlobalAlloc::dealloc requires that the layout argument must be the same layout that was used to allocate that block of memory. When deallocating, Box and Vec m...

7AI score
Exploits0References3
RustSec
RustSec
added 2023/03/04 12:0 p.m.18 views

`maligned::align_first` causes incorrect deallocation

maligned::alignfirst manually allocates with an alignment larger than T, and then uses Vec::fromrawparts on that allocation to get a Vec. GlobalAlloc::dealloc requires that the layout argument must be the same layout that was used to allocate that block of memory. When deallocating, Box and Vec m...

2.2AI score
Exploits0
Github Security Blog
Github Security Blog
added 2021/08/25 8:43 p.m.21 views

Heap overflow or corruption in safe-transmute

Affected versions of this crate switched the length and capacity arguments in the Vec::fromrawparts constructor, which could lead to memory corruption or data leakage...

9.8CVSS9.1AI score0.02032EPSS
Exploits0References5Affected Software1
RustSec
RustSec
added 2018/11/27 12:0 p.m.18 views

Vec-to-vec transmutations could lead to heap overflow/corruption

Affected versions of this crate switched the length and capacity arguments in the Vec::fromrawparts constructor, which could lead to memory corruption or data leakage. The flaw was corrected by using the constructor correctly...

9.8CVSS2.8AI score0.02032EPSS
Exploits0Affected Software1
Rows per page
Query Builder