Lucene search
K
RustsecMost viewed

1141 matches found

RustSec
RustSec
added 2020/11/02 12:0 p.m.14 views

crate has been renamed to `safe-nd`

This crate has been renamed from safe-nd to sndatatypes. The new repository location is:...

6.9AI score
Exploits0
RustSec
RustSec
added 2020/11/02 12:0 p.m.14 views

`mio` invalidly assumes the memory layout of std::net::SocketAddr

The mio crate has assumed std::net::SocketAddrV4 and std::net::SocketAddrV6 have the same memory layout as the system C representation sockaddr. It has simply casted the pointers to convert the socket addresses to the system representation. The standard library does not say anything about the...

5.5CVSS2.7AI score0.00389EPSS
Exploits1Affected Software1
RustSec
RustSec
added 2020/10/16 12:0 p.m.14 views

directories is unmaintained, use directories-next instead

The directories crate is not maintained any more; use directories-next instead...

2.1AI score
Exploits0
RustSec
RustSec
added 2020/09/04 12:0 p.m.14 views

personnummer Input validation error

Swedish personal identity is in the form of YYMMDD-XXXX An issue arises from the regular expression allowing the first three digits in the last four digits of the personnummer to be 000, which is invalid. To mitigate this without upgrading, a check on the last four digits can be made to make sure...

3.1AI score
Exploits0Affected Software1
RustSec
RustSec
added 2020/04/18 12:0 p.m.14 views

`stb_truetype` crate has been deprecated; use `ttf-parser` instead

This crate was maintained for use in rusttype which has switched to use ttf-parser...

0.8AI score
Exploits0
RustSec
RustSec
added 2020/02/11 12:0 p.m.14 views

rulinalg is unmaintained, use nalgebra instead

The rulinalg crate is no longer maintained, use nalgebra instead...

1.5AI score
Exploits0
RustSec
RustSec
added 2017/11/21 12:0 p.m.14 views

Unchecked vector pre-allocation

Affected versions of this crate pre-allocate memory on deserializing raw buffers without checking whether there is sufficient data available. This allows an attacker to do denial-of-service attacks by sending small msgpack messages that allocate gigabytes of memory...

5.7AI score
Exploits0Affected Software1
RustSec
RustSec
added 2026/06/29 12:0 p.m.13 views

Quadratic run time when checking a start tag for duplicate attribute names

BytesStart::attributes returns an Attributes iterator which, by default withcheckstrue, rejects a start tag that repeats an attribute name. For each attribute yielded, the iterator compared the new name against every name seen so far in the same tag using a linear scan, so a start tag with N...

5.9AI score
Exploits0Affected Software1
RustSec
RustSec
added 2026/06/04 12:0 p.m.13 views

`pqcrypto-traits` is unmaintained: upstream PQClean project being archived

This crate provides shared trait definitions for the pqcrypto- ecosystem, which wraps C implementations from PQClean. The PQClean project is being archived in or after July 2026 see PQClean/PQClean604. As a result, this crate and the broader pqcrypto- ecosystem will no longer receive updates. Use...

5.8AI score
Exploits0
RustSec
RustSec
added 2026/06/04 12:0 p.m.13 views

`pqcrypto-classicmceliece` is unmaintained: upstream PQClean project being archived

This crate provides Rust bindings to the Classic McEliece key encapsulation mechanism via C implementations from PQClean. The PQClean project is being archived in or after July 2026 see PQClean/PQClean604, after which no further security patches or bug fixes will be applied to the upstream...

5.8AI score
Exploits0
RustSec
RustSec
added 2026/06/03 12:0 p.m.13 views

`logflux` was removed from crates.io for malicious code

The logflux crate attempted to download and run a malicious payload on the user's machine. The malicious crate had 1 version published on 2026-04-26, approximately 1 month before removal, and had no evidence of actual usage. This crate had no dependencies on crates.io. Thanks to Paweł Bis for...

5.8AI score
Exploits0
RustSec
RustSec
added 2026/06/01 12:0 p.m.13 views

Several memory corruption issues via safe APIs

Several soundness violations exist in the Rust bindings for MetaCall, indicatively: MetaCallException::Clone: Clone is dangerous because it creates a second Rust object that still points to the same foreign MetaCall value, but does not actually own or keep that value alive. value is shallow copie...

5.9AI score
Exploits0
RustSec
RustSec
added 2026/05/21 12:0 p.m.13 views

audiopus_sys is unmaintained

audiopussys is implicitly unmaintained and holds a reference to CMake versions with which CMake 4.0 is not backwards compatible, causing cargo builds to error. An effort to contact the maintainer was made on June 10th, 2025 with no reply. A separate 2025 PR was made from a different user addressi...

5.8AI score
Exploits0
RustSec
RustSec
added 2026/05/14 12:0 p.m.13 views

Double-free in `vmem` storage reachable from safe Rust (predecessor of `oneringbuf`)

mutringbuf is the archived predecessor of oneringbuf — the crate was renamed and the GitHub repository was archived on 2025-11-20. All released versions up to 1.0.0 carry the same vmem-feature double-free bug that affects oneringbuf, with the same code paths and the same reproduction shape. When...

5.9AI score
Exploits0
RustSec
RustSec
added 2026/05/14 12:0 p.m.13 views

Double-free in `vmem` storage reachable from safe Rust

When the vmem feature is enabled, VmemStorage::newBox and every public constructor that funnels through it — ConcurrentHeapRB::defaultcap, ConcurrentHeapRB::fromVec, From, etc. bit-copies the input buffer into a freshly mmap'd region with ptr::copynonoverlapping, then lets the source Box drop...

5.9AI score
Exploits0Affected Software1
RustSec
RustSec
added 2026/05/02 12:0 p.m.13 views

Potential out-of-bounds write via public `Context` fields

The Context struct has all fields public pub dlen, pub digest, etc.. Code from other modules within the same crate can directly modify dlen to a value exceeding the digest vector length. When reset is subsequently called, self.digestself.dlen as usize = 0 becomes an out-of-bounds write. Withdrawa...

5.8AI score
Exploits0
RustSec
RustSec
added 2026/05/02 12:0 p.m.13 views

Null-pointer dereference and double-free via safe APIs

Two soundness violations exist in the Rust bindings for MetaCall: Null-pointer dereference: MetaCallFuture::newraw accepts a raw pointer without validation. The Debug impl calls Box::fromrawself.data on it. Passing a null pointer causes the Debug impl to construct a NonNull from null, producing...

5.8AI score
Exploits0
RustSec
RustSec
added 2026/05/02 12:0 p.m.13 views

Out-of-bounds read in `bytes_helper` public safe functions

The byteshelper module contains multiple public functions intoarr4, intoarr2, u8fromlebytes that use slice.getuncheckedpos..pos + N without verifying that pos + N = slice.len. These are public safe API functions, allowing any caller to trigger undefined behavior by passing invalid positions. For...

5.8AI score
Exploits0Affected Software1
RustSec
RustSec
added 2026/04/14 12:0 p.m.13 views

Use-After-Free and Double Free in IntoIter::drop When Element Drop Panics

A Double Free / Use-After-Free UAF vulnerability has been identified in the IntoIter::drop and ThinVec::clear implementations of the thin-vec crate. Both vulnerabilities share the same root cause and can trigger memory corruption using only safe Rust code - no unsafe blocks required. Undefined...

7.3CVSS5.7AI score0.00168EPSS
Exploits1Affected Software1
RustSec
RustSec
added 2026/04/14 12:0 p.m.13 views

Name constraints were accepted for certificates asserting a wildcard name

Permitted subtree name constraints for DNS names were accepted for certificates asserting a wildcard name. This was incorrect because, given a name constraint of accept.example.com, .example.com could feasibly allow a name of reject.example.com which is outside the constraint. This is very simila...

6.5CVSS6.5AI score0.00274EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2026/04/13 12:0 p.m.13 views

`microsoftsystem64` was removed from crates.io for malicious code

microsoftsystem64 installs a hardcoded SSH authorizedkeys entry persistence/backdoor and scans for sensitive files .env, credential-like JSON names, keyword-matching docs, reads their contents, base64-encodes where needed, and exfiltrates everything to a remote server via HTTP. It also packages a...

5.8AI score
Exploits0
RustSec
RustSec
added 2026/04/09 12:0 p.m.13 views

Data leakage between pooling allocator instances

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-6wgr-89rj-399p For more information see the GitHub-hosted security advisory...

6.3CVSS5.9AI score0.00286EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2026/04/07 12:0 p.m.13 views

zantetsu-ffi is unmaintained

The zantetsu-ffi crate is no longer maintained. The Node.js, Python, and C FFI bindings it provided were removed as part of the zantetsu 0.2 release, which refocused the project on its core Rust library. A tombstone version 0.2.0 has been published and 0.1.4 has been yanked. There is no replaceme...

5.8AI score
Exploits0
RustSec
RustSec
added 2026/03/11 12:0 p.m.13 views

`Authorization::value` and `WwwAuthenticate::value` can violate ASCII invariants

Authorization::value uses HeaderValue::value with the claim that the internal string is ASCII, but Authorization::new and Authorization::setcredentials accept arbitrary String credentials without validation. As a result, safe code can construct a header value containing non-ASCII UTF-8 while the...

5.7AI score
Exploits0
RustSec
RustSec
added 2026/02/12 12:0 p.m.13 views

Unsoundness in opt-in ARMv8 assembly backend for `keccak`

Summary The asm! block enabled by the off-by-default asm feature, when enabled on ARMv8 targets, misspecified the operand type for all of its operands, using in for pointers and values which were subsequently mutated by operations performed within the assembly block. Impact It's unclear what...

5.5AI score
Exploits0Affected Software1
RustSec
RustSec
added 2025/10/18 12:0 p.m.13 views

`unic-char-basics` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained...

7AI score
Exploits0
RustSec
RustSec
added 2025/09/17 12:0 p.m.13 views

Pingora MadeYouReset HTTP/2 vulnerability

Pingora deployments using versions prior to 0.6.0 that include HTTP/2 server support may be affected by the vulnerability described in CVE-2025-8671. Under certain conditions, Pingora applications may allocate buffers before the HTTP/2 reset and resulting stream cancellation is processed by the...

7.5CVSS6.8AI score0.04604EPSS
Exploits3Affected Software1
RustSec
RustSec
added 2025/09/05 12:0 p.m.13 views

adler crate is unmaintained, use adler2 instead

The adler crate is no longer actively maintained. If you rely on this crate, consider switching to a maintained alternative. Recommended alternatives - adler2...

6.9AI score
Exploits0
RustSec
RustSec
added 2025/03/06 12:0 p.m.13 views

Some AES functions may panic when overflow checking is enabled.

ring::aead::quic::HeaderProtectionKey::newmask may panic when overflow checking is enabled. In the QUIC protocol, an attacker can induce this panic by sending a specially-crafted packet. Even unintentionally it is likely to occur in 1 out of every 232 packets sent and/or received. On 64-bit targe...

5.3CVSS7.2AI score0.00858EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2023/11/15 12:0 p.m.13 views

`win-base64-rs` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the user Kraded to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer available...

5.9AI score
Exploits0
RustSec
RustSec
added 2023/06/15 12:0 p.m.13 views

Misaligned pointer dereference in `ChunkId::new`

The function ChunkId::new creates a misaligned pointer by casting mutable pointer of u8 slice which has alignment 1 to the mutable pointer of u32 which has alignment 4, and dereference the misaligned pointer leading UB, which should not be allowed in safe function...

6.8AI score
Exploits0
RustSec
RustSec
added 2022/12/23 12:0 p.m.13 views

Location header incorporates user input, allowing open redirect

When hyper-staticfile performs a redirect for a directory request e.g. a request for /dir that redirects to /dir/, the Location header value was derived from user input the request path, simply appending a slash. The intent was to perform an origin-relative redirect, but specific inputs allowed...

2.3AI score
Exploits0Affected Software1
RustSec
RustSec
added 2022/10/31 12:0 p.m.13 views

ELF header parsing library doesn't check for valid offset

The crate has several unsafe sections that don't perform proper pointer validation. An example can be found in the following function: fn sectionheaderraw&self - &ET::SectionHeader let shoff = self.elfheader.sectionheaderoffset as usize; let shnum = self.elfheader.sectionheaderentrynum as usize;...

1.1AI score
Exploits0Affected Software1
RustSec
RustSec
added 2022/05/10 12:0 p.m.13 views

malicious crate `rustdecimal`

The Rust Security Response WG and the crates.io team were notified1 on 2022-05-02 of the existence of the malicious crate rustdecimal, which contained malware. The crate name was intentionally similar to the name of the popular rustdecimal2 crate, hoping that potential victims would misspell its...

0.5AI score
Exploits0
RustSec
RustSec
added 2022/03/04 12:0 p.m.13 views

Arrow2 allows double free in `safe` code

The struct FfiArrowArray implements deriveClone that is inconsistent with its custom implementation of Drop, resulting in a double free when cloned. Cloning this struct in safe results in a segmentation fault, which is unsound. This derive was removed from this struct. All users are advised to...

3.3AI score
Exploits0Affected Software1
RustSec
RustSec
added 2022/01/26 12:0 p.m.13 views

xml-rs is Unmaintained

xml-rs is a XML parser has open issues around parsing including integer overflows / panics that may or may not be an issue with untrusted data. Together with these open issues with Unmaintained status xml-rs may or may not be suited to parse untrusted data. Alternatives - quick-xml...

5.1AI score
Exploits0
RustSec
RustSec
added 2022/01/17 12:0 p.m.13 views

project abandoned

Alternatives: - odbc-api - rs-odbc...

1.8AI score
Exploits0
RustSec
RustSec
added 2021/12/27 12:0 p.m.13 views

rental is unmaintained, author has moved on

The author encourages users to explore other solutions, or maintain a fork. Maintained alternatives include: ouroboros fortify escher...

2.8AI score
Exploits0
RustSec
RustSec
added 2021/06/11 12:0 p.m.13 views

Triton VM Soundness Vulnerability due to Missing Constraint

The instruction spongeabsorbmem Triton VM fails to verify that hashed values come from the claimed memory location. Malicious provers can substitute arbitrary data instead of actual memory contents. Any application using instruction spongeabsorbmem to hash memory data can be given a proof for a...

5.6AI score
Exploits0Affected Software1
RustSec
RustSec
added 2021/05/11 12:0 p.m.13 views

Denial of service on EVM execution due to memory over-allocation

Prior to the patch, when executing specific EVM opcodes related to memory operations that use evmcore::Memory::copylarge, the crate can over-allocate memory when it is not needed, making it possible for an attacker to perform denial-of-service attack. The flaw was corrected in commit 19ade85...

4AI score
Exploits0Affected Software1
RustSec
RustSec
added 2021/04/07 12:0 p.m.13 views

AtomicBucket<T> unconditionally implements Send/Sync

In the affected versions of the crate, AtomicBucket unconditionally implements Send/Sync traits. Therefore, users can create a data race to the inner T: !Sync by using the AtomicBucket::datawith API. Such data races can potentially cause memory corruption or other undefined behavior. The flaw was...

8.1CVSS4.6AI score0.00741EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2021/02/15 12:0 p.m.13 views

crate has been renamed to `sn_api`

This crate has been renamed from safe-api to snapi. The new repository location is:...

6.9AI score
Exploits0
RustSec
RustSec
added 2020/12/07 12:0 p.m.13 views

crate has been renamed to `sn_node`

This crate has been renamed from safevault to snnode. The new repository location is:...

6.9AI score
Exploits0
RustSec
RustSec
added 2020/12/02 12:0 p.m.13 views

memmap is unmaintained

The author of the memmap crate is unresponsive. Maintained alternatives: - memmap2...

2AI score
Exploits0Affected Software1
RustSec
RustSec
added 2020/11/02 12:0 p.m.13 views

crate has been renamed to `qp2p`

This crate has been renamed from quic-p2p to qp2p. The new repository location is:...

6.9AI score
Exploits0
RustSec
RustSec
added 2020/11/02 12:0 p.m.13 views

crate has been renamed to `sn_fake_clock`

This crate has been renamed from fakeclock to snfakeclock. The new repository location is:...

6.9AI score
Exploits0
RustSec
RustSec
added 2020/10/16 12:0 p.m.13 views

dirs is unmaintained, use dirs-next instead

The dirs crate is not maintained any more; use dirs-next instead...

2.3AI score
Exploits0
RustSec
RustSec
added 2020/02/06 12:0 p.m.13 views

`tokio-proto` is deprecated/unmaintained

The tokio-proto crate has been deprecated, and its GitHub repository has been archived. Users may be interested in tokio-tower instead, per https://github.com/tokio-rs/tokio/issues/118issuecomment-452969665...

0.6AI score
Exploits0
RustSec
RustSec
added 2019/10/08 12:0 p.m.13 views

Test advisory with associated example crate

This is a test advisory useful for verifying RustSec tooling and vulnerability detection pipelines are working correctly. Aside from the fact that it is filed against an example crate, it is otherwise considered by the Advisory Database itself to be a normal security advisory. It's filed against...

1.8AI score
Exploits0Affected Software1
RustSec
RustSec
added 2019/08/27 12:0 p.m.13 views

Wrong memory orderings in RwLock potentially violates mutual exclusion

Wrong memory orderings inside the RwLock implementation allow for two writers to acquire the lock at the same time. The drop implementation used Ordering::Relaxed, which allows the compiler or CPU to reorder a mutable access on the locked data after the lock has been yielded. Only users of the...

7.8CVSS1.4AI score0.01423EPSS
Exploits0Affected Software1
Total number of security vulnerabilities1141