186 matches found
CVE-2021-45680
An issue was discovered in the vec-const crate before 2.0.0 for Rust. It tries to construct a Vec from a pointer to a const slice, leading to memory corruption...
CVE-2021-45680
CVE-2021-45680 concerns the vec-const crate (Rust) prior to 2.0.0, where a vector is constructed from a pointer to a const slice, leading to memory corruption. Several sources (OSV/RUSTSEC and CVE records) confirm the affected component and the root cause. Impact is memory corruption; exact explo...
Security Bulletin: IBM Virtualization Engine TS7700 Management Interface (CVE-2021-29908)
Summary The IBM TS7700 Management Interface is vulnerable to unauthenticated access. By accessing a specially-crafted URL, an attacker may gain administrative access to the Management Interface without authentication. IBM Virtualization Engine TS7700 has addressed the vulnerability. Vulnerability...
Double free in algorithmica
An issue was discovered in the algorithmica crate through 2021-03-07 for Rust. In the affected versions of this crate, mergesort::merge wildly duplicates and drops ownership of T without guarding against double-free. Due to such implementation, simply invoking mergesort::merge on Vec can cause...
Use after free in heapless
An issue was discovered in the heapless crate before 0.6.1 for Rust. The IntoIter Clone implementation clones an entire underlying Vec without considering whether it has already been partially consumed...
GHSA-PPQP-78XX-3R38 Out of bounds write in calamine
An issue was discovered in the calamine crate before 0.17.0 for Rust. It allows attackers to overwrite heap-memory locations because Vec::setlen is used without proper memory claiming, and this uninitialized memory is used for a user-provided Read operation, as demonstrated by Sectors::get...
Out of bounds write in calamine
An issue was discovered in the calamine crate before 0.17.0 for Rust. It allows attackers to overwrite heap-memory locations because Vec::setlen is used without proper memory claiming, and this uninitialized memory is used for a user-provided Read operation, as demonstrated by Sectors::get...
GHSA-M8H8-V6JH-C762 Incorrect buffer size in crossbeam-channel
The affected version of this crate's the bounded channel incorrectly assumes that Vec::fromiter has allocated capacity that same as the number of iterator elements. Vec::fromiter does not actually guarantee that and may allocate extra memory. The destructor of the bounded channel reconstructs Vec...
Incorrect buffer size in crossbeam-channel
The affected version of this crate's the bounded channel incorrectly assumes that Vec::fromiter has allocated capacity that same as the number of iterator elements. Vec::fromiter does not actually guarantee that and may allocate extra memory. The destructor of the bounded channel reconstructs Vec...
Use after free in image
Affected versions of this crate would call Vec::setlen on an uninitialized vector with user-provided type parameter, in an interface of the HDR image format decoder. They would then also call other code that could panic before initializing all instances. This could run Drop implementations on...
GHSA-MH6H-F25P-98F8 Uncontrolled memory consumption in protobuf
Affected versions of this crate called Vec::reserve on user-supplied input. This allows an attacker to cause an Out of Memory condition while calling the vulnerable method on untrusted data...
Heap overflow or corruption in safe-transmute
Affected versions of this crate switched the length and capacity arguments in the Vec::fromrawparts constructor, which could lead to memory corruption or data leakage...
vec-const attempts to construct a Vec from a pointer to a const slice
Affected versions of this crate claimed to construct a const Vec with nonzero length and capacity, but that cannot be done because such a Vec requires a pointer from an allocator. The implementation was later changed to just construct a std::borrow::Cow...
rust: double free in Vec::from_iter function if freeing the element panics
In the standard library in Rust before 1.52.0, a double free can occur in the Vec::fromiter function if freeing the element panics...
CVE-2020-36464
An issue was discovered in the heapless crate before 0.6.1 for Rust. The IntoIter Clone implementation clones an entire underlying Vec without considering whether it has already been partially consumed...
Denial Of Service (DoS)
rust is vulnerable to denial of service. The vulnerability exists due to a double free in theVec::fromiter function...
CVE-2021-31162
In the standard library in Rust before 1.52.0, a double free can occur in the Vec::fromiter function if freeing the element panics...
CVE-2021-31162
In the standard library in Rust before 1.52.0, a double free can occur in the Vec::fromiter function if freeing the element panics...
DEBIAN-CVE-2021-31162
In the standard library in Rust before 1.52.0, a double free can occur in the Vec::fromiter function if freeing the element panics...
CVE-2021-31162
In the standard library in Rust before 1.52.0, a double free can occur in the Vec::fromiter function if freeing the element panics...