Lucene search
K
RustsecMost viewed

1141 matches found

RustSec
RustSec
added 2025/01/18 12:0 p.m.7 views

gix-worktree-state nonexclusive checkout sets executable files world-writable

Summary gix-worktree-state specifies 0777 permissions when checking out executable files, intending that the umask will restrict them appropriately. But one of the strategies it uses to set permissions is not subject to the umask. This causes files in a repository to be world-writable in some...

5CVSS7.2AI score0.00361EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2024/12/18 12:0 p.m.7 views

Malicious plugin names, recipients, or identities can cause arbitrary binary execution

A plugin name containing a path separator may allow an attacker to execute an arbitrary binary. Such a plugin name can be provided to the rage CLI through an attacker-controlled recipient or identity string, or an attacker-controlled plugin name via the -j flag. On UNIX systems, a directory...

7.3AI score
Exploits0Affected Software1
RustSec
RustSec
added 2024/12/09 12:0 p.m.7 views

gtk-layer-shell GTK3 bindings - no longer maintained

The gtk-layer-shell GTK3 bindings are no longer maintained. The maintainers have archived the repository, and added a note to the crate description and its README.md that the crates are no longer maintained. Please take a look at gtk4-layer-shell instead...

7.1AI score
Exploits0
RustSec
RustSec
added 2024/12/04 12:0 p.m.7 views

Build corruption when using `PYO3_CONFIG_FILE` environment variable

In PyO3 0.23.0 the PYO3CONFIGFILE environment variable used to configure builds regressed such that changing the environment variable would no longer trigger PyO3 to reconfigure and recompile. In combination with workflows using tools such as maturin to build for multiple versions in a single...

7.1AI score
Exploits0Affected Software1
RustSec
RustSec
added 2024/10/24 12:0 p.m.7 views

Replaced by `pqcrypto-mlkem`

This crate has been replaced by pqcrypto-mlkem, which provides a FIPS203-compatible implementation of ML-KEM...

7.1AI score
Exploits0
RustSec
RustSec
added 2024/10/01 12:0 p.m.7 views

Remotely exploitable Denial of Service in Tonic

Impact When using tonic::transport::Server there is a remote DoS attack that can cause the server to exit cleanly on accepting a tcp/tls stream. This can be triggered via causing the accept call to error out with errors there were not covered correctly causing the accept loop to exit. More...

6.9CVSS6.9AI score0.00622EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2024/09/22 12:0 p.m.7 views

Segmentation fault due to use of uninitialized memory

When trying to decompress a file using "ouch", we can reach the function "ouch::archive::zip::convertzipdatetime". In the function, there is a unsafe function, "transmute". Once the "transmute" function is called to convert the type of "month" object, the address of the object is changed to the...

7.1AI score
Exploits0Affected Software1
RustSec
RustSec
added 2024/09/05 12:0 p.m.7 views

Memory leak when calling a canister method via `ic_cdk::call`

When a canister method is called via iccdk::call, a new Future CallFuture is created and can be awaited by the caller to get the execution result. Internally, the state of the Future is tracked and stored in a struct called CallFutureState. A bug in the polling implementation of the CallFuture...

7.5CVSS7AI score0.00693EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2024/09/01 12:0 p.m.7 views

`instant` is unmaintained

This crate is no longer maintained, and the author recommends using the maintained web-time crate instead. web-time: https://crates.io/crates/web-time...

7.2AI score
Exploits0
RustSec
RustSec
added 2024/08/27 12:0 p.m.7 views

CWA-2023-004: Excessive number of function parameters in compiled Wasm

A specifically crafted Wasm file can cause the VM to consume excessive amounts of memory when compiling a contract. This can lead to high memory usage, slowdowns, potentially a crash and can poison a lock in the VM, preventing any further interaction with contracts. For more information, see...

7AI score
Exploits0Affected Software1
RustSec
RustSec
added 2024/08/23 12:0 p.m.7 views

Binary Protocol Misinterpretation caused by Truncating or Overflowing Casts

The following presentation at this year's DEF CON was brought to our attention on the Diesel Gitter Channel: SQL Injection isn't Dead: Smuggling Queries at the Protocol Level Archive link for posterity. Essentially, encoding a value larger than 4GiB can cause the length prefix in the protocol to...

8.5AI score
Exploits0Affected Software1
RustSec
RustSec
added 2024/08/08 12:0 p.m.7 views

CWA-2024-004: Gas mispricing in cosmwasm-vm

Some Wasm operations take significantly more gas than our benchmarks indicated. This can lead to missing the gas target we defined by a factor of 10x. This means a malicious contract could take 10 times as much time to execute as expected, which can be used to temporarily DoS a chain. For more...

7.3AI score
Exploits0Affected Software1
RustSec
RustSec
added 2024/07/07 12:0 p.m.7 views

phonenumber: panic on parsing crafted phonenumber inputs

Impact The phonenumber parsing code may panic due to a reachable assert! guard on the phonenumber string. In a typical deployment of rust-phonenumber, this may get triggered by feeding a maliciously crafted phonenumber, e.g. over the network, specifically strings of the form...

8.6CVSS7.3AI score0.00711EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2024/07/03 12:0 p.m.7 views

`opentelemetry_api` has been merged into the `opentelemetry` crate

Last release was on 2023-07-30. opentelemetryapi has been moved into the opentelemetry crate. Please use the opentelemetry crate going forward...

7.2AI score
Exploits0
RustSec
RustSec
added 2024/06/18 12:0 p.m.7 views

Timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub`

Timing variability of any kind is problematic when working with potentially secret values such as elliptic curve scalars, and such issues can potentially leak private keys and other secrets. Such a problem was recently discovered in curve25519-dalek. The Scalar29::sub 32-bit and Scalar52::sub...

5.1CVSS7.2AI score0.00152EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2024/05/22 12:0 p.m.7 views

Refs and paths with reserved Windows device names access the devices

Summary On Windows, fetching refs that clash with legacy device names reads from the devices, and checking out paths that clash with such names writes arbitrary data to the devices. This allows a repository, when cloned, to cause indefinite blocking or the production of arbitrary message that...

5.4CVSS7.1AI score0.00448EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2024/05/17 12:0 p.m.7 views

BTreeMap memory leak when deallocating nodes with overflows

When storing unbounded types in a BTreeMap, a node is represented as a linked list of "memory chunks". In some cases, when we deallocate a node only the first memory chunk is deallocated, and the rest of the memory chunks remain incorrectly allocated, causing a memory leak. In the worst case,...

7.5CVSS7.1AI score0.00515EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2024/03/15 12:0 p.m.7 views

Slow loris vulnerability with default configuration

tls-listener is a rust lang wrapper around a connection listener to support TLS. With the default configuration of tls-listener, a malicious user can open 6.4 TcpStreams a second, sending 0 bytes, and can trigger a DoS. The default configuration options make any public service using...

7.5CVSS7AI score0.00964EPSS
Exploits1Affected Software1
RustSec
RustSec
added 2024/03/04 12:0 p.m.7 views

Tokens for named pipes may be delivered after deregistration

Impact When using named pipes on Windows, mio will under some circumstances return invalid tokens that correspond to named pipes that have already been deregistered from the mio registry. The impact of this vulnerability depends on how mio is used. For some applications, invalid tokens may be...

9.1CVSS7AI score0.00889EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2024/02/19 12:0 p.m.7 views

dav1d AV1 decoder integer overflow

An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading to version 0.7.0 of libdav1d-sys, which includes dav1d 1.4.0...

8.8CVSS7.6AI score0.01835EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2024/01/23 12:0 p.m.7 views

Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')

Summary Insufficient validation of outbound header values may lead to request splitting or response splitting attacks in scenarios where attackers have sufficient control over outbound headers. Details Outbound trilliumhttp::HeaderValue and trilliumhttp::HeaderName can be constructed infallibly a...

8.1CVSS7.3AI score0.00632EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2023/12/22 12:0 p.m.7 views

`bit-flags` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the user alexrichton to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer...

5.9AI score
Exploits0
RustSec
RustSec
added 2023/11/20 12:0 p.m.7 views

`tauri-win-rt-notification` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the user gabielle55131 to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer...

5.9AI score
Exploits0
RustSec
RustSec
added 2023/11/18 12:0 p.m.7 views

`windowsservice` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the user TerryDavisSoldier to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longe...

5.9AI score
Exploits0
RustSec
RustSec
added 2023/11/15 12:0 p.m.7 views

`lfest-main` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the user Kraded to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer available...

5.9AI score
Exploits0
RustSec
RustSec
added 2023/11/15 12:0 p.m.7 views

`win-crypto` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the user Kraded to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer available...

5.9AI score
Exploits0
RustSec
RustSec
added 2023/11/15 12:0 p.m.7 views

`windows-service-rs` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the user Kraded to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer available...

5.9AI score
Exploits0
RustSec
RustSec
added 2023/11/15 12:0 p.m.7 views

`win_run_rs` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the user Kraded to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer available...

5.9AI score
Exploits0
RustSec
RustSec
added 2023/11/14 12:0 p.m.7 views

`cpython` is unmaintained

The cpython crate and the underlying python3-sys and python27-sys crates have been marked as no longer actively maintained by the developer. There are also open issues for unsound code that is currently in these crates: - cpython265: Using some string functions causes segmentation faults on...

7.4AI score
Exploits0
RustSec
RustSec
added 2023/11/10 12:0 p.m.7 views

Insufficient covariance check makes self_cell unsound

All public versions prior to 1.02 used an insufficient check to ensure that users correctly marked the dependent type as either covariant or notcovariant. This allowed users to mark a dependent as covariant even though its type was not covariant but invariant, for certain invariant types involvin...

7.1AI score
Exploits0Affected Software1
RustSec
RustSec
added 2023/11/06 12:0 p.m.7 views

`tiny-server` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the malicious user http-tiny and contained a malware payload in build.rs to exfiltrate host information to the attacker. This advisory is to retrospectively document this attempted attack. The version information and download...

5.8AI score
Exploits0
RustSec
RustSec
added 2023/11/01 12:0 p.m.7 views

sudo-rs: Path Traversal vulnerability

Impact An issue was discovered where usernames containing the . and / characters could result in the corruption of specific files on the filesystem. As usernames are generally not limited by the characters they can contain, a username appearing to be a relative path can be constructed. For exampl...

8.1CVSS7.2AI score0.00571EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2023/09/19 12:0 p.m.7 views

blurhash: panic on parsing crafted blurhash inputs

Impact The blurhash parsing code may panic due to multiple panic-guarded out-of-bounds accesses on untrusted input. In a typical deployment, this may get triggered by feeding a maliciously crafted blurhashes over the network. These may include: - UTF-8 compliant strings containing multi-byte UTF-...

8.6CVSS7.2AI score0.00515EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2023/08/16 12:0 p.m.7 views

`if-cfg` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the malicious user amaperf and contained a malware payload in build.rs to exfiltrate host information to the attacker. This advisory is to retrospectively document this attempted attack. The version information and download recor...

5.8AI score
Exploits0
RustSec
RustSec
added 2023/08/03 12:0 p.m.7 views

Invalid Slice Split Results in Server Panic

A vulnerability was discovered in the odoh-rs rust crate that stems from faulty logic during the parsing of encrypted queries. This issue specifically occurs when processing encrypted query data received from remote clients. Impact An attacker with knowledge of this vulnerability could craft and...

5.9CVSS7AI score0.0065EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2023/03/02 12:0 p.m.7 views

Guest-controlled out-of-bounds read/write on x86\_64

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-ff4p-7xrq-q5r8. For more information see the GitHub-hosted security advisory...

9.9CVSS7AI score0.01261EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2022/11/23 12:0 p.m.7 views

Mimalloc Can Allocate Memory with Bad Alignment

This crate depended on a promise regarding alignments made by the author of the mimalloc allocator to avoid using aligned allocation functions where possible for performance reasons. Since then, the mimalloc allocator's logic changed, making it break this promise. This caused this crate to return...

7AI score
Exploits0Affected Software1
RustSec
RustSec
added 2022/11/07 12:0 p.m.7 views

Out of bounds write in `wasmtime_trap_code` C API function

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-h84q-m8rr-3v9q. For more information see the GitHub-hosted security advisory...

9.8CVSS7AI score0.00315EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2022/09/28 12:0 p.m.7 views

Library exclusively intended to inject UB into safe Rust.

Quoting from the crate description: This crate is created purely to inject undefined behavior into stable, safe rust. Specifically, the inconceivable! macro is insta-UB if the ubinconceivable feature is enabled by any reverse dependency. The value this adds is questionable, and hides unsafe code...

1.3AI score
Exploits0
RustSec
RustSec
added 2026/05/01 12:0 p.m.6 views

NSEC3 closest-encloser proof validation enters unbounded loop on cross-zone responses

The NSEC3 closest-encloser proof validation in hickory-proto's DnssecDnsHandle walks from the QNAME up to the SOA owner name, building a list of candidate encloser names. The iterator used assumes the QNAME is a descendant of the SOA owner, terminating only when the current candidate equals the S...

5.8AI score
Exploits0Affected Software1
RustSec
RustSec
added 2026/03/20 12:0 p.m.6 views

`tokio-udp` is unmaintained

The tokio-udp crate is unmaintained. It was part of the Tokio 0.1 ecosystem and has been superseded by the main tokio crate...

5.7AI score
Exploits0
RustSec
RustSec
added 2026/01/26 12:0 p.m.6 views

X25519 secret validation did not check buffer length or clamping

The latest releases of the libcrux-ecdh crate contains the following bug-fix: 1301: Check length and clamping in X25519 secret validation. This is a breaking change since errors are now raised on unclamped X25519 secrets or inputs of the wrong length...

5.4AI score
Exploits0Affected Software1
RustSec
RustSec
added 2025/12/24 12:0 p.m.6 views

Unsound APIs of public `constant::Reader` and `StructSchema`

The safe API functions constant::Reader::get and StructSchema::new rely on PointerReader::getrootunchecked, which can cause undefined behavior UB by constructing arbitrary words or schemas. Reader::get rust pub fn get&self - Result::Reader // ... // UNSAFE: access words without validation...

6AI score
Exploits0Affected Software1
RustSec
RustSec
added 2025/12/08 12:0 p.m.6 views

matrix-sdk-base: Denial of service due to custom `m.room.join_rules` events

The matrix-sdk-base crate is unable to handle responses that include custom m.room.joinrules values due to a serialization bug. This can be exploited to cause a denial-of-service condition, if a user is invited to a room with non-standard join rules, the crate's sync process will stall, preventin...

7.5CVSS6.8AI score0.00358EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2025/12/03 12:0 p.m.6 views

`evm-units` was removed from crates.io for malicious code

It appeared to be attempting to steal cryptocurrency...

5.3AI score
Exploits0
RustSec
RustSec
added 2025/11/24 12:0 p.m.6 views

CGGMP21 presignatures can be used in the way that significantly reduces security

This attack is against presignatures used in very specific context: Presignatures + HD wallets derivation: security level reduces to 85 bits \ Previously you could generate a presignature, and then choose a HD derivation path while issuing a partial signature via Presignature::setderivationpath,...

8.2CVSS6.5AI score0.00181EPSS
Exploits0
RustSec
RustSec
added 2025/11/17 12:0 p.m.6 views

rand_os crate is unmaintained

The randos crate is deprecated and no longer actively maintained, as OsRng is now part of randcore. If you are using this crate, consider upgrading to randcore 0.5.1 or higher...

7AI score
Exploits0
RustSec
RustSec
added 2025/11/17 12:0 p.m.6 views

hexchat crate is unsound and unmaintained

All versions of this crate have function deregistercommand which can result in use after free. This is unsound. In addition, all versions since 0.3.0 have "safe" macros, which are documented as unsafe to use in threads. In addition, the hexchat crate is no longer actively maintained. If you rely ...

5.4AI score
Exploits0
RustSec
RustSec
added 2025/10/31 12:0 p.m.6 views

Lack of sufficient checks in public API

The affected function is unsound due to insufficient checks on public struct field...

6.9AI score
Exploits0Affected Software1
RustSec
RustSec
added 2025/10/18 12:0 p.m.6 views

`unic-ucd` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icuproperties...

7AI score
Exploits0
Total number of security vulnerabilities1141