Lucene search
K
RustsecMost viewed

1141 matches found

RustSec
RustSec
added 2024/08/23 12:0 p.m.8 views

Binary Protocol Misinterpretation caused by Truncating or Overflowing Casts

The following presentation at this year's DEF CON was brought to our attention on the Diesel Gitter Channel: SQL Injection isn't Dead: Smuggling Queries at the Protocol Level Archive link for posterity. Essentially, encoding a value larger than 4GiB can cause the length prefix in the protocol to...

8.5AI score
Exploits0Affected Software1
RustSec
RustSec
added 2024/06/24 12:0 p.m.8 views

The maintainer of chrono-english is unresponsive

All versions will encounter compilation errors with a chrono version 0.4.35, due to backward incompatible API changes. User conradludgade reworked the original crate and created a fork with the same API surface called interim. The fork is better structured and passes the same test suite as...

7.1AI score
Exploits0
RustSec
RustSec
added 2024/06/03 12:0 p.m.8 views

Reduced entropy due to inadequate character set usage

Description Affected versions of the nano-id crate incorrectly generated IDs using a reduced character set in the nanoid::base62 and nanoid::base58 functions. Specifically, the base62 function used a character set of 32 symbols instead of the intended 62 symbols, and the base58 function used a...

9.8CVSS7AI score0.00754EPSS
Exploits1Affected Software1
RustSec
RustSec
added 2024/05/22 12:0 p.m.8 views

Refs and paths with reserved Windows device names access the devices

Summary On Windows, fetching refs that clash with legacy device names reads from the devices, and checking out paths that clash with such names writes arbitrary data to the devices. This allows a repository, when cloned, to cause indefinite blocking or the production of arbitrary message that...

5.4CVSS7.1AI score0.00448EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2024/05/17 12:0 p.m.8 views

BTreeMap memory leak when deallocating nodes with overflows

When storing unbounded types in a BTreeMap, a node is represented as a linked list of "memory chunks". In some cases, when we deallocate a node only the first memory chunk is deallocated, and the rest of the memory chunks remain incorrectly allocated, causing a memory leak. In the worst case,...

7.5CVSS7.1AI score0.00515EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2024/03/05 12:0 p.m.8 views

Parts of Report are dropped as the wrong type during downcast

In affected versions, after a Report is constructed using wraperr or wraperrwith to attach a message of type D onto an error of type E, then using downcast to recover ownership of either the value of type D or the value of type E, one of two things can go wrong: - If downcasting to E, there remai...

7AI score
Exploits0Affected Software1
RustSec
RustSec
added 2024/03/04 12:0 p.m.8 views

gtk-rs GTK3 bindings - no longer maintained

The gtk-rs GTK3 bindings are no longer maintained. The maintainers have archived the repository, and added a note to the crate description and its README.md that the crates are no longer maintained. Please take a look at gtk4-rs instead...

7.1AI score
Exploits0
RustSec
RustSec
added 2024/01/23 12:0 p.m.8 views

Unauthenticated Nonce Increment in snow

There was a logic bug where unauthenticated payloads could still cause a nonce increment in snow's internal state. For an attacker with privileges to inject packets into the channel over which the Noise session operates, this could allow a denial-of-service attack which could prevent message...

4.3CVSS7AI score0.00387EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2024/01/21 12:0 p.m.8 views

Multiple issues involving quote API

Issue 1: Failure to quote characters Affected versions of this crate allowed the bytes and \xa0 to appear unquoted and unescaped in command arguments. If the output of quote or join is passed to a shell, then what should be a single command argument could be interpreted as multiple arguments. Thi...

9.8CVSS7.3AI score0.0078EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2024/01/19 12:0 p.m.8 views

Use-after-free when setting the locale

Version 3.0.0 introduced an AtomicStr type, that is used to store the current locale. It stores the locale as a raw pointer to an Arc. The locale can be read with AtomicStr::asstr. AtomicStr::asstr does not increment the usage counter of the Arc. If the locale is changed in one thread, another...

6.7AI score
Exploits0Affected Software1
RustSec
RustSec
added 2024/01/07 12:0 p.m.8 views

Unsound sending of non-Send types across threads

Affected versions can run the Drop impl of a non-Send type on a different thread than it was created on. The flaw occurs when a stderr write performed by the threadalone crate fails, for example because stderr is redirected to a location on a filesystem that is full, or because stderr is a pipe...

7AI score
Exploits0Affected Software1
RustSec
RustSec
added 2023/11/20 12:0 p.m.8 views

`tauri-winrt-notifications` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the user gabielle55131 to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer...

5.9AI score
Exploits0
RustSec
RustSec
added 2023/11/15 12:0 p.m.8 views

`registry-win` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the user Kraded to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer available...

5.9AI score
Exploits0
RustSec
RustSec
added 2023/11/15 12:0 p.m.8 views

`libusb1-main` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the user Kraded to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer available...

5.9AI score
Exploits0
RustSec
RustSec
added 2023/09/10 12:0 p.m.8 views

Unaligned read of `*const *const c_char` pointer

Affected versions dereference a potentially unaligned pointer. The pointer is commonly unaligned in practice, resulting in undefined behavior. In some build modes, this is observable as a panic followed by abort. In other build modes the UB may manifest in some other way, including the possibilit...

7.1AI score
Exploits0
RustSec
RustSec
added 2023/08/16 12:0 p.m.8 views

`if-cfg` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the malicious user amaperf and contained a malware payload in build.rs to exfiltrate host information to the attacker. This advisory is to retrospectively document this attempted attack. The version information and download recor...

5.8AI score
Exploits0
RustSec
RustSec
added 2022/09/28 12:0 p.m.8 views

Library exclusively intended to inject UB into safe Rust.

Quoting from the crate description: This crate is created purely to inject undefined behavior into stable, safe rust. Specifically, the inconceivable! macro is insta-UB if the ubinconceivable feature is enabled by any reverse dependency. The value this adds is questionable, and hides unsafe code...

1.3AI score
Exploits0
RustSec
RustSec
added 2022/06/11 12:0 p.m.8 views

Double Public Key Signing Function Oracle Attack on `ed25519-dalek`

Versions of ed25519-dalek prior to v2.0 model private and public keys as separate types which can be assembled into a Keypair, and also provide APIs for serializing and deserializing 64-byte private/public keypairs. Such APIs and serializations are inherently unsafe as the public key is one of th...

5.9CVSS7AI score0.00183EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2021/09/01 12:0 p.m.8 views

`daemonize` is Unmaintained

Last release was over four years ago. The crate contains undocumented unsafe behind safe fns. An issue inquiring as to possible updates has gone unanswered by the maintainer. Possible Alternatives The below list has not been vetted in any way and may or may not contain alternatives: - daemonize-m...

3.4AI score
Exploits0
RustSec
RustSec
added 2020/05/07 12:0 p.m.8 views

`array!` macro is unsound in presence of traits that implement methods it calls internally

Affected versions of this crate called some methods using auto-ref. The affected code looked like this. rust let mut arr = $crate::core::mem::MaybeUninit::uninit; let mut vec = $crate::ArrayVec::::newarr.asmutptr as mut T; In this case, the problem is that asmutptr is a method of &mut MaybeUninit...

0.5AI score
Exploits0Affected Software1
RustSec
RustSec
added 2026/05/01 12:0 p.m.7 views

Fragile bounds check when sampling from image

A bounds check was performed in floating points before a cast to the index passed to an unchecked access function. This checked considered NaN cases improperly, causing them to succeed the check instead of failing it. The floating point coordinate is under caller control by passing a selected...

5.9AI score
Exploits0Affected Software1
RustSec
RustSec
added 2026/04/29 12:0 p.m.7 views

DNS rebinding vulnerability in rmcp Streamable HTTP server transport

Prior to version 1.4.0, the rmcp crate's Streamable HTTP server transport did not validate the incoming Host header. This allowed a malicious public website, via a DNS rebinding attack, to send requests to an MCP server running on the victim's loopback or private-network interface. An attacker wh...

8.8CVSS5.8AI score0.00213EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2026/04/09 12:0 p.m.7 views

Use-after-free bug after cloning `wasmtime::Linker`

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-hfr4-7c6c-48w2 For more information see the GitHub-hosted security advisory...

5CVSS5.9AI score0.00117EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2026/03/20 12:0 p.m.7 views

`tokio-sync` is unmaintained

The tokio-sync crate is unmaintained. It was part of the Tokio 0.1 ecosystem and has been superseded by the main tokio crate...

5.7AI score
Exploits0
RustSec
RustSec
added 2026/03/20 12:0 p.m.8 views

`tokio-codec` is unmaintained

The tokio-codec crate is unmaintained. It was part of the Tokio 0.1 ecosystem and has been superseded by the tokio-util crate...

5.7AI score
Exploits0
RustSec
RustSec
added 2026/03/20 12:0 p.m.7 views

`tokio-uds` is unmaintained

The tokio-uds crate is unmaintained. It was part of the Tokio 0.1 ecosystem and has been superseded by the main tokio crate...

5.7AI score
Exploits0
RustSec
RustSec
added 2026/03/20 12:0 p.m.7 views

`tokio-current-thread` is unmaintained

The tokio-current-thread crate is unmaintained. It was part of the Tokio 0.1 ecosystem and has been superseded by the main tokio crate...

5.7AI score
Exploits0
RustSec
RustSec
added 2026/03/04 12:0 p.m.7 views

Panic in Signature Hint Decoding During Verification

During ML-DSA verification the serialized hint values are decoded as specified in algorithm 22 HintBitUnpack of FIPS 204, subsection 7.1. The algorithm requires that the cumulative hint counters per row of the hint vector are strictly increasing and below a maximum value which depends on the choi...

5.8AI score
Exploits0Affected Software1
RustSec
RustSec
added 2026/03/03 12:0 p.m.7 views

`time_calibrator` was removed from crates.io due to malicious code

It was reported timecalibrator contained malicious code, that would try to upload .env files to a server. The malicious crate had only 1 version published at 2026-02-28 and no evidence of actual usage. The crate was removed from crates.io and the user account was locked. There were no crates...

6AI score
Exploits0
RustSec
RustSec
added 2026/02/26 12:0 p.m.7 views

`tracings` was removed from crates.io for malicious code

This is part of an ongoing campaign to attempt to typosquat crates in an attempt to exfiltrate Polymarket credentials. The malicious crate had 1 version published on 2026-02-26 approximately 9 hours before removal and had no evidence of actual usage. The only crate depending on this crate was the...

5.5AI score
Exploits0
RustSec
RustSec
added 2026/02/18 12:0 p.m.7 views

Type confusion when accessing data from sublasses of subclasses of native types with `abi3` feature targeting Python 3.12 and up

PyO3 0.28.1 added support for pyclassextends=PyList struct NativeSub and other native types when targeting Python 3.12 and up with the abi3 feature. It was discovered that subclasses of such classes would use the type of the subclass when attempting to access to data of NativeSub contained within...

5.4AI score
Exploits0Affected Software1
RustSec
RustSec
added 2026/02/05 12:0 p.m.7 views

Unnecessary clamping of seed reduces seed entropy to 251 bits

The latest releases of the libcrux-ed25519 crate contains the following bug-fix: 1320: Remove duplicated clamping step during key generation The issue fixed in 1320 was first reported by Nadim Kobeissi...

5.3AI score
Exploits0Affected Software1
RustSec
RustSec
added 2025/12/30 12:0 p.m.7 views

theshit vulnerable to unsafe loading of user-owned Python rules when running as root

The application loads custom Python rules and configuration files from user-writable locations e.g., /.config/theshit/ without validating ownership or permissions when executed with elevated privileges. If the tool is invoked with sudo or otherwise runs with an effective UID of root, it continues...

6.7CVSS7.1AI score0.0012EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2025/12/29 12:0 p.m.7 views

Non-utf8 String can be created with `TimeBuf::as_str`

The function gixdate::parse::TimeBuf::asstr can create an illegal string containing non-utf8 characters. This violates the safety invariant of TimeBuf and can lead to undefined behavior when consuming the string. The bug can be prevented by adding str::fromutf8 to the function TimeBuf::write...

7.1CVSS7.3AI score0.00193EPSS
Exploits1Affected Software1
RustSec
RustSec
added 2025/12/09 12:0 p.m.7 views

`finch-rst` was removed from crates.io for malicious code

This attempts to typosquat the existing crate finch to steal credentials from local files. The malicious crate had 1 version published on 2025-12-08 and had been downloaded 21 times. There were no crates depending on this crate on crates.io. Thanks to Matthias Zepper of NGI Sweden for reporting...

5.5AI score
Exploits0
RustSec
RustSec
added 2025/12/08 12:0 p.m.7 views

matrix-sdk-base: Denial of service due to custom `m.room.join_rules` events

The matrix-sdk-base crate is unable to handle responses that include custom m.room.joinrules values due to a serialization bug. This can be exploited to cause a denial-of-service condition, if a user is invited to a room with non-standard join rules, the crate's sync process will stall, preventin...

7.5CVSS6.8AI score0.00358EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2025/12/03 12:0 p.m.7 views

`uniswap-utils` was removed from crates.io for malicious code

It depended on the evm-units crate, which appeared to be attempting to steal cryptocurrency...

5.3AI score
Exploits0
RustSec
RustSec
added 2025/11/24 12:0 p.m.7 views

CGGMP21 presignatures can be used in the way that significantly reduces security

This attack is against presignatures used in very specific context: Presignatures + HD wallets derivation: security level reduces to 85 bits \ Previously you could generate a presignature, and then choose a HD derivation path while issuing a partial signature via Presignature::setderivationpath,...

8.2CVSS6.5AI score0.00181EPSS
Exploits0
RustSec
RustSec
added 2025/11/22 12:0 p.m.7 views

Resource Exhaustion (Memory and Handle Leaks) on Windows and macOS

Affected versions of this crate contain resource leaks when querying thread counts on Windows and Apple platforms. Windows The threadamount function calls CreateToolhelp32Snapshot but fails to close the returned HANDLE using CloseHandle. Repeated calls to this function will cause the handle count...

8.7CVSS6.6AI score0.00309EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2025/11/16 12:0 p.m.7 views

json5 crate is unmaintained

The json5 crate is no longer actively maintained. If you rely on this crate, consider switching to a recommended alternative. Recommended alternatives - serdejson5 - jsonc-parser - json-five...

6.9AI score
Exploits0
RustSec
RustSec
added 2025/11/10 12:0 p.m.7 views

tandem_garble_interop is unmaintained

The tandem crates in https://github.com/sine-fdn are no longer maintained by the SINE Foundation. The repository has been archived. Recommended alternative We are continuing our work on SMPC by implementing our secure multi-party computation engine Polytune...

7AI score
Exploits0
RustSec
RustSec
added 2025/10/21 12:0 p.m.7 views

astral-tokio-tar Vulnerable to PAX Header Desynchronization

Versions of astral-tokio-tar prior to 0.5.6 contain a boundary parsing vulnerability that allows attackers to smuggle additional archive entries by exploiting inconsistent PAX/ustar header handling. When processing archives with PAX-extended headers containing size overrides, the parser incorrect...

8.1CVSS7.1AI score0.00688EPSS
Exploits1Affected Software1
RustSec
RustSec
added 2025/10/18 12:0 p.m.7 views

`unic-bidi` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - unicode-bidi...

7AI score
Exploits0
RustSec
RustSec
added 2025/10/18 12:0 p.m.7 views

`unic-ucd-version` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained...

7AI score
Exploits0
RustSec
RustSec
added 2025/10/18 12:0 p.m.7 views

`unic-char-property` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icuproperties...

7AI score
Exploits0
RustSec
RustSec
added 2025/10/18 12:0 p.m.7 views

`unic-ucd-age` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained...

7AI score
Exploits0
RustSec
RustSec
added 2025/10/18 12:0 p.m.7 views

`unic-ucd-case` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icuproperties...

7AI score
Exploits0
RustSec
RustSec
added 2025/10/18 12:0 p.m.7 views

`unic-idna-mapping` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - idna...

7AI score
Exploits0
RustSec
RustSec
added 2025/10/15 12:0 p.m.7 views

DoS vulnerability on `alloy_dyn_abi::TypedData` hashing

An uncaught panic triggered by malformed input to alloydynabi::TypedData could lead to a denial-of-service DoS via eip712signinghash. Software with high availability requirements such as network services may be particularly impacted. If in use, external auto-restarting mechanisms can partially...

7.5CVSS6.8AI score0.00416EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2025/09/08 12:0 p.m.7 views

iron crate is unmaintained

The iron crate is no longer actively maintained. If you rely on this crate, consider switching to a maintained alternative. Recommended alternatives See this comparison for popular alternatives...

6.9AI score
Exploits0
Total number of security vulnerabilities1141