Lucene search
K
RustsecMost viewed

1141 matches found

RustSec
RustSec
added 2025/10/18 12:0 p.m.6 views

`unic-ucd-category` is unmaintained

All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icuproperties...

7AI score
Exploits0
RustSec
RustSec
added 2025/10/02 12:0 p.m.6 views

soundness issue and unmaintained

All functions under wrflib::byteextract are simply wrapper of unsafe pointer offset and lacks sufficient checks to it pointer and offset parameter. wrflib is unmaintained...

7AI score
Exploits0Affected Software1
RustSec
RustSec
added 2025/09/11 12:0 p.m.6 views

matrix-sdk-base: Panic in the `RoomMember::normalized_power_level()` method

In matrix-sdk-base before 0.14.1, calling the RoomMember::normalizedpowerlevel method can cause a panic if a room member has a power level of Int::Min...

6.9CVSS6.9AI score0.00374EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2025/08/14 12:0 p.m.6 views

IdMap::from_iter may lead to uninitialized memory being freed on drop

Due to a flaw in the constructor idmap::IdMap::fromiter, ill-formed objects may be created in which the amount of actually initialized memory is less than what is expected by the fields of IdMap. Specifically, the field ids is initialized based on the capacity of the vector values, which is...

7.2AI score
Exploits0Affected Software1
RustSec
RustSec
added 2025/08/14 12:0 p.m.6 views

Multiple memory corruption vulnerabilities in safe APIs

The crate has the following vulnerabilities: - The public trait arenavec::common::AllocHandle allows the return of raw pointers through its methods allocate and allocateorextend. However, the trait is not marked as unsafe, meaning users of the crate may implement it under the assumption that the...

7.1AI score
Exploits0Affected Software1
RustSec
RustSec
added 2025/07/11 12:0 p.m.6 views

Uninitialized read after allocating MemBump

The affected function, MemBump::new, would allocate memory without initializing it. Subsequently calling the created value's various alloc methods would then read and write the start of that memory as a Cell which is undefined behavior. Instead, it should zero initialize the start of the allocate...

6.9AI score
Exploits0Affected Software1
RustSec
RustSec
added 2025/05/06 12:0 p.m.6 views

soundness issue and unmaintained

shaman::cryptoutil::writeu64vle and other functions mentioned above cannot garantee memory safety of getunchecked later if both length are zero. shaman is unmaintained...

7.3AI score
Exploits0Affected Software1
RustSec
RustSec
added 2025/05/06 12:0 p.m.6 views

soundness issue and unmaintained

wrenrust::macros::defaultrealloc lacks sufficient checks to it pointer parameter which passed into free and realloc wrenrust is unmaintained...

7AI score
Exploits0Affected Software1
RustSec
RustSec
added 2025/04/08 12:0 p.m.6 views

crossbeam-channel: double free on Drop

The internal Channel type's Drop method has a race which could, in some circumstances, lead to a double-free. This could result in memory corruption. Quoting from the upstream description in merge request \1187: The problem lies in the fact that dicardallmessages contained two paths that could le...

6.5CVSS6.9AI score0.00484EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2025/03/13 12:0 p.m.6 views

Use after free in `Parc` and `Prc` due to missing lifetime constraints

Affected versions of this crate didn't provide sufficient lifetime constraints to conversion functions from alloc::sync::Arc and alloc::rc::Rc, which made it possible to create projections of these reference counted pointers. Unlike the original reference counted pointers, these projections could...

6.7AI score
Exploits0Affected Software1
RustSec
RustSec
added 2025/03/04 12:0 p.m.6 views

`openpgp-card-sequoia` is unmaintained.

The openpgp-card-sequoia crate is no longer actively maintained. You can use the openpgp-card-rpgp crate for OpenPGP card client functionality instead...

7.2AI score
Exploits0
RustSec
RustSec
added 2025/02/16 12:0 p.m.6 views

Denial of Service via malicious Web Push endpoint

Prior to version 0.10.3, the built-in clients of the web-push crate eagerly allocated memory based on the Content-Length header returned by the Web Push endpoint. Malicious Web Push endpoints could return a large Content-Length without ever having to send as much data, leading to denial of servic...

4CVSS7AI score0.00331EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2025/02/10 12:0 p.m.6 views

`rands` was removed from crates.io for malicious code

This crate attempted to typosquat the rand crate, and would link in a malware payload on macOS and Linux hosts when built. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longer available. The related...

5.8AI score
Exploits0
RustSec
RustSec
added 2025/01/15 12:0 p.m.6 views

`root` appended to group listings

Affected versions append root to group listings, unless the correct listing has exactly 1024 groups. This affects both: - The supplementary groups of a user - The group access list of the current process If the caller uses this information for access control, this may lead to privilege escalation...

7.1CVSS6.8AI score0.00166EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2025/01/13 12:0 p.m.6 views

registry is unmaintained

The author has archived the GitHub repository and mentions deprecation in project's README. Possible alternatives windows-registry...

7.2AI score
Exploits0
RustSec
RustSec
added 2024/12/18 12:0 p.m.6 views

Malicious plugin names, recipients, or identities can cause arbitrary binary execution

A plugin name containing a path separator may allow an attacker to execute an arbitrary binary. Such a plugin name can be provided through an attacker-controlled input to the following age APIs when the plugin feature flag is enabled: - age::plugin::Identity::fromstr or equivalently str::parse:: ...

7.3AI score
Exploits0Affected Software1
RustSec
RustSec
added 2024/12/09 12:0 p.m.6 views

gtk-layer-shell-sys GTK3 bindings - no longer maintained

The gtk-layer-shell-sys GTK3 bindings are no longer maintained. The maintainers have archived the repository, and added a note to the crate description and its README.md that the crates are no longer maintained. Please take a look at gtk4-layer-shell instead...

7.1AI score
Exploits0
RustSec
RustSec
added 2024/11/28 12:0 p.m.6 views

`ruzstd` uninit and out-of-bounds memory reads

Affected versions of ruzstd miscalculate the length of the allocated and init section of its internal RingBuffer, leading to uninitialized or out-of-bounds reads in copybytesovershooting of up to 15 bytes. This may result in up to 15 bytes of memory contents being written into the decoded data wh...

7AI score
Exploits0Affected Software1
RustSec
RustSec
added 2024/11/16 12:0 p.m.6 views

Bias of Polynomial Coefficients in Secret Sharing

Affected versions of this crate allowed for a bias when generating random polynomials for Shamir Secret Sharing, where instead of being within the range 0, 255 they were instead in the range 1, 255. A description from Cure53, who originally found the issue, is available: The correct method to...

7AI score
Exploits0
RustSec
RustSec
added 2024/09/25 12:0 p.m.6 views

`atty` is unmaintained

The maintainer of atty has published an official notice that the crate is no longer under development, and that users should instead rely on the functionality in the standard library's IsTerminal trait. Alternatives - std::io::IsTerminal - Stable since Rust 1.70.0 and the recommended replacement...

7.1AI score
Exploits0
RustSec
RustSec
added 2024/09/06 12:0 p.m.6 views

gix-path improperly resolves configuration path reported by Git

Summary gix-path runs git to find the path of a configuration file associated with the git installation, but improperly resolves paths containing unusual or non-ASCII characters, in rare cases enabling a local attacker to inject configuration leading to code execution. Details In gixpath::env, th...

7.2AI score
Exploits0Affected Software1
RustSec
RustSec
added 2024/09/06 12:0 p.m.6 views

webp crate may expose memory contents when encoding an image

Affected versions of this crate did not check that the input slice passed to "webp::Encoder::encode is large enough for the specified image dimensions. If the input slice is too short, the library will read out of bounds of the buffer and encode other memory contents as an image, resulting in...

6.9AI score
Exploits0Affected Software1
RustSec
RustSec
added 2024/09/04 12:0 p.m.6 views

strason is unmaintained

strason will no longer be maintained as declared by the developer. The project has been archived...

7.1AI score
Exploits0
RustSec
RustSec
added 2024/08/22 12:0 p.m.6 views

gitoxide-core does not neutralize special characters for terminals

Summary The gix and ein commands write pathnames and other metadata literally to terminals, even if they contain characters terminals treat specially, including ANSI escape sequences. This sometimes allows an untrusted repository to misrepresent its contents and to alter or concoct error messages...

5.4CVSS7.2AI score0.00448EPSS
Exploits0
RustSec
RustSec
added 2024/08/14 12:0 p.m.6 views

Uncaught exception when transitioning the state of `AsyncGenerator` objects from within a property getter of `then`

A wrong assumption made when handling ECMAScript's AsyncGenerator operations can cause an uncaught exception on certain scripts. Details Boa's implementation of AsyncGenerator makes the assumption that the state of an AsyncGenerator object cannot change while resolving a promise created by method...

8.6CVSS7.2AI score0.00601EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2024/07/30 12:0 p.m.6 views

Stack overflow when parsing specially crafted JSON ABI strings

Affected versions of the alloy-json-abi crate did not properly handle parsing of malformatted JSON ABI strings. The JsonAbi::parse method can be tricked into a stack overflow when processing specially crafted input. This stack overflow can lead to a crash of the application using this crate,...

7.3AI score
Exploits0Affected Software1
RustSec
RustSec
added 2024/07/26 12:0 p.m.6 views

Shell expansion in custom commands

Summary Undocumented and unpredictable shell expansion and/or quoting rules make it easily to accidentally cause shell injection when using custom commands with starship in bash. Details I wanted to show the git commit name in my prompt I use bash, so I added a command: custom.gitcommitname comma...

7.4CVSS7.5AI score0.00463EPSS
Exploits1Affected Software1
RustSec
RustSec
added 2024/07/24 12:0 p.m.6 views

The kstring integration in gix-attributes is unsound

gix-attributes in state::ValueRef unsafely creates a &str from a &u8 containing non-UTF8 data, with the justification that so long as nothing reads the &str and relies on it being UTF-8 in the &str, there is no UB: rust // SAFETY: our API makes accessing that value as str impossible, so illformed...

7AI score
Exploits0Affected Software1
RustSec
RustSec
added 2024/07/18 12:0 p.m.6 views

Ambiguous challenge derivation

Challenge derivation in non-interactive ZK proofs was ambiguous and that could lead to security vulnerability however, it's unknown if it could be exploited...

7.2AI score
Exploits0Affected Software1
RustSec
RustSec
added 2024/07/18 12:0 p.m.6 views

`UserIdentity::is_verified` not checking verification status of own user identity while performing the check

The UserIdentity::isverified method in the matrix-sdk-crypto crate before version 0.7.2 doesn't take into account the verification status of the user's own identity while performing the check and may as a result return a value contrary to what is implied by its name and documentation. Impact If t...

5.4CVSS6.9AI score0.0028EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2024/07/18 12:0 p.m.6 views

gix-path can use a fake program files location

Summary When looking for Git for Windows so it can run it to report its paths, gix-path can be tricked into running another git.exe placed in an untrusted location by a limited user account. Details Windows permits limited user accounts without administrative privileges to create new directories ...

7.8CVSS8AI score0.00782EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2024/07/18 12:0 p.m.6 views

op_panic in the base runtime can force a panic in the runtime's containing thread

Affected versions use denocore releases that expose Deno.core.ops.oppanic to the JS runtime in the base core This function when called triggers a manual panic in the thread containing the runtime. It can be fixed by stubbing out the exposed op: javascript Deno.core.ops.oppanic = msg = throw new...

7AI score
Exploits0Affected Software1
RustSec
RustSec
added 2024/07/17 12:0 p.m.6 views

Usage of non-constant time base64 decoder could lead to leakage of secret key material

Versions before 0.7.0 of vodozemac use a non-constant time base64 implementation for importing key material for Megolm group sessions and PkDecryption Ed25519 secret keys. This flaw might allow an attacker to infer some information about the secret key material through a side-channel attack. Impa...

2.9CVSS6.8AI score0.00201EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2024/07/06 12:0 p.m.6 views

Dump Undefined Memory by `JitDumpFile`

The unsound function dumpcodeloadrecord uses fromrawparts to directly convert the pointer addr and len into a slice without any validation and that memory block would be dumped. Thus, the 'safe' function dumpcodeloadrecord is actually 'unsafe' since it requires the caller to guarantee that the ad...

7AI score
Exploits0Affected Software1
RustSec
RustSec
added 2024/07/03 12:0 p.m.6 views

`openslide` is unmaintained

The openslide crate is no longer maintained. Last release was on 2018-11-20. Possible alternatives Consider using an alternative, for instance: - openslide-rs - pamly...

7.2AI score
Exploits0
RustSec
RustSec
added 2024/07/01 12:0 p.m.6 views

Incorrect usage of `#[repr(packed)]`

The affected versions make unsafe memory accesses under the assumption that reprpacked has a guaranteed field order. The Rust specification does not guarantee this, and https://github.com/rust-lang/rust/pull/125360 1.80.0-beta starts reordering fields of reprpacked structs, leading to illegal...

7AI score
Exploits0Affected Software1
RustSec
RustSec
added 2024/06/10 12:0 p.m.6 views

mmap unmaintained

The mmap crate is unmaintained as its repository has been archived on Feb 10, 2022. The main alternative seems to be memmap2 crate...

7.1AI score
Exploits0
RustSec
RustSec
added 2024/05/22 12:0 p.m.6 views

Refs and paths with reserved Windows device names access the devices

Summary On Windows, fetching refs that clash with legacy device names reads from the devices, and checking out paths that clash with such names writes arbitrary data to the devices. This allows a repository, when cloned, to cause indefinite blocking or the production of arbitrary message that...

5.4CVSS7.1AI score0.00448EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2024/05/22 12:0 p.m.6 views

Traversal outside working tree enables arbitrary code execution

Summary During checkout, gitoxide does not verify that paths point to locations in the working tree. A specially crafted repository can, when cloned, place new files anywhere writable by the application. Details Although gix-worktree-state checks for collisions with existing files, it does not...

8.8CVSS8AI score0.00816EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2024/05/15 12:0 p.m.6 views

Tor path lengths too short when "Vanguards lite" configured

Description When building anonymizing circuits to or from an onion service with 'lite' vanguards the default enabled, the circuit manager code would build the circuits with one hop too few. Impact This makes users of this code more vulnerable to some kinds of traffic analysis when they run or vis...

6.2CVSS7.2AI score0.00186EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2024/05/15 12:0 p.m.6 views

Tor path lengths too short when "full Vanguards" configured

Description When building anonymizing circuits to or from an onion service with full vanguards enabled, the circuit manager code would build the circuits with one hop too few. Impact This makes users of this code more vulnerable to some kinds of traffic analysis when they run or visit onion...

7.3CVSS7.2AI score0.00298EPSS
Exploits0Affected Software1
RustSec
RustSec
added 2024/04/03 12:0 p.m.6 views

Degradation of service in h2 servers with CONTINUATION Flood

An attacker can send a flood of CONTINUATION frames, causing h2 to process them indefinitely. This results in an increase in CPU usage. Tokio task budget helps prevent this from a complete denial-of-service, as the server can still respond to legitimate requests, albeit with increased latency. Mo...

7AI score
Exploits0Affected Software1
RustSec
RustSec
added 2024/03/05 12:0 p.m.6 views

Fails to ensure slice elements match the slice's declared type

Affected versions allow populating a DistributedSlice of T with elements of an arbitrary other type that coerces to T. For example, elements of type &&str could end up in a slice of type &str, since &&str coerces to &str via a deref coercion. The flaw was corrected by implementing typechecking fo...

7AI score
Exploits0Affected Software1
RustSec
RustSec
added 2024/03/04 12:0 p.m.6 views

gtk-rs GTK3 bindings - no longer maintained

The gtk-rs GTK3 bindings are no longer maintained. The maintainers have archived the repository, and added a note to the crate description and its README.md that the crates are no longer maintained. Please take a look at gtk4-rs instead...

7.1AI score
Exploits0
RustSec
RustSec
added 2024/03/04 12:0 p.m.6 views

gtk-rs GTK3 bindings - no longer maintained

The gtk-rs GTK3 bindings are no longer maintained. The maintainers have archived the repository, and added a note to the crate description and its README.md that the crates are no longer maintained. Please take a look at gtk4-rs instead...

7.1AI score
Exploits0
RustSec
RustSec
added 2024/03/04 12:0 p.m.6 views

gtk-rs GTK3 bindings - no longer maintained

The gtk-rs GTK3 bindings are no longer maintained. The maintainers have archived the repository, and added a note to the crate description and its README.md that the crates are no longer maintained. Please take a look at gtk4-rs instead...

7.1AI score
Exploits0
RustSec
RustSec
added 2024/03/04 12:0 p.m.6 views

gtk-rs GTK3 bindings - no longer maintained

The gtk-rs GTK3 bindings are no longer maintained. The maintainers have archived the repository, and added a note to the crate description and its README.md that the crates are no longer maintained. Please take a look at gtk4-rs instead...

7.1AI score
Exploits0
RustSec
RustSec
added 2024/03/04 12:0 p.m.6 views

gtk-rs GTK3 bindings - no longer maintained

The gtk-rs GTK3 bindings are no longer maintained. The maintainers have archived the repository, and added a note to the crate description and its README.md that the crates are no longer maintained. Please take a look at gtk4-rs instead...

7.1AI score
Exploits0
RustSec
RustSec
added 2024/02/28 12:0 p.m.6 views

Stack buffer overflow with whoami on several Unix platforms

With versions of the whoami crate = 0.5.3 and = 0.5.3 and 1.0.1, calling any of the above functions also leads to a stack buffer overflow on these platforms: - Bitrig - DragonFlyBSD - FreeBSD - NetBSD - OpenBSD This occurs because of an incorrect definition of the passwd struct on those platforms...

7.7AI score
Exploits0Affected Software1
RustSec
RustSec
added 2024/02/27 12:0 p.m.6 views

ObjectPool creates uninitialized memory when freeing objects

As of version 0.6.0, the ObjectPool explicitly creates an uninitialized instance of its type parameter when it attempts to free an object, and swaps it into the storage. This causes instant undefined behavior due to reading the uninitialized memory in order to write it to the pool storage...

7.3AI score
Exploits0Affected Software1
Total number of security vulnerabilities1141