Lucene search
K
RustsecMost viewed

1141 matches found

RustSec
RustSec
•added 2024/10/11 12:0 p.m.•4 views

Borsh serialization of HashMap is non-canonical

The borsh serialization of the HashMap did not follow the borsh specification. It potentially produced non-canonical encodings dependent on insertion order. It also did not perform canonicty checks on decoding. This can result in consensus splits and cause equivalent objects to be considered...

7.1AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2024/10/03 12:0 p.m.•4 views

Race condition could lead to WebAssembly control-flow integrity and type safety violations

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-7qmx-3fpx-r45m. For more information see the GitHub-hosted security advisory...

2.9CVSS7AI score0.00152EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2024/09/15 12:0 p.m.•4 views

get-size-derive is unmaintained

get-size-derive's maintainer seems to be unreachable, with no commits and releases pushed for 1 year and no activity on the GitHub repo. get-size-derive also depends on attribute-derive ^0.6 a version of the crate which uses the yanked crate proc-macro-error. Possible Alternatives - get-size-deri...

7.1AI score
Exploits0
RustSec
RustSec
•added 2024/09/15 12:0 p.m.•4 views

get-size is unmaintained

get-size's maintainer seems to be unreachable, with no commits and releases pushed for 1 year and no activity on the GitHub repo. get-size also depends on get-size-derive 0.1.3, which uses attribute-derive ^0.6 a version of the crate which uses the yanked crate proc-macro-error. Possible...

7.1AI score
Exploits0
RustSec
RustSec
•added 2024/07/21 12:0 p.m.•4 views

`MemBio::get_buf` has undefined behavior with empty buffers

Previously, MemBio::getbuf called slice::fromrawparts with a null-pointer, which violates the functions invariants, leading to undefined behavior. In debug builds this would produce an assertion failure. This is now fixed...

7AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2024/04/06 12:0 p.m.•4 views

`rsa-export` is unmaintained

This crate has been deprecated in favour of using the native support for exporting RSA keys into the standard PEM format. See docs.rs documentation. In addition to that, the operations in this crate arithmetic and Base64 encoding are not done in constant-time, potentially exposing the user to...

7.1AI score
Exploits0
RustSec
RustSec
•added 2024/02/28 12:0 p.m.•4 views

Non-idiomatic use of iterators leads to use after free

Code that attempts to use an item e.g., a row returned by an iterator after the iterator has advanced to the next item will be accessing freed memory and experience undefined behaviour. Code that uses the item and then advances the iterator is unaffected. This problem has always existed. This is ...

7.5CVSS7.3AI score0.00817EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2024/02/11 12:0 p.m.•4 views

`generational-arena` is unmaintained

The generational-arena crate's repository has been archived and is no longer maintained. Alternatives - slotmap...

7.2AI score
Exploits0
RustSec
RustSec
•added 2024/02/06 12:0 p.m.•4 views

Improper comparison of different-length signatures

The Webhook::verify function incorrectly compared signatures of different lengths - the two signatures would only be compared up to the length of the shorter signature. This allowed an attacker to pass in v1, as the signature, which would always pass verification...

6.5CVSS7AI score0.0041EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2024/01/26 12:0 p.m.•4 views

`conrod` is unmaintained

The crate conrod has been deprecated since version 0.62.0 released in December 2018. The functionality was split across multiple different crates, with the core functionality being transferred to conrodcore. An overview can be found in the conrod repository. If you have this crate in your...

7AI score
Exploits0
RustSec
RustSec
•added 2024/01/25 12:0 p.m.•4 views

filesystem-rs may be implicitly unmaintained

The last release was over 5 years ago, and the last commit was over 4 years ago. The maintainers have not responded to a pull request to update dependencies that are themselves unmaintained, and which poses the question of maintenance...

7.1AI score
Exploits0
RustSec
RustSec
•added 2024/01/24 12:0 p.m.•4 views

Stack overflow during recursive JSON parsing

When parsing untrusted, deeply nested JSON, the stack may overflow, possibly enabling a Denial of Service attack. This was fixed by adding a check for recursion depth...

7.5CVSS7.1AI score0.00362EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2024/01/23 12:0 p.m.•4 views

Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting')

Summary Insufficient validation of outbound header values may lead to request splitting or response splitting attacks in scenarios where attackers have sufficient control over outbound headers. Details Outbound trilliumhttp::HeaderValue and trilliumhttp::HeaderName can be constructed infallibly a...

8.1CVSS7.3AI score0.00632EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2023/12/20 12:0 p.m.•4 views

Unaligned write of u64 on 32-bit and 16-bit platforms

Affected versions allocate memory using the alignment of usize and write data to it of type u64, without using core::ptr::writeunaligned. In platforms with sub-64bit alignment for usize including wasm32 and x86 these writes are insufficiently aligned some of the time. If using an ordinary optimiz...

7.1AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2023/12/18 12:0 p.m.•4 views

Buffer overflow due to integer overflow in `transpose`

Given the function transpose::transpose: rust fn transposeinput: &T, output: &mut T, inputwidth: usize, inputheight: usize The safety check inputwidth inputheight == output.len can fail due to inputwidth inputheight overflowing in such a way that it equals output.len. As a result of failing the...

5.3CVSS7.5AI score0.00291EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2023/11/18 12:0 p.m.•4 views

`openvpn-plugin-rs` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the user TerryDavisSoldier to run an arbitrary malware payload on Windows hosts. This advisory is to retrospectively document this attempted attack. The version information and download records of the malicious crate are no longe...

5.9AI score
Exploits0
RustSec
RustSec
•added 2023/11/06 12:0 p.m.•4 views

`littest` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the malicious user http-tiny and contained a malware payload in build.rs to exfiltrate host information to the attacker. This advisory is to retrospectively document this attempted attack. The version information and download...

5.8AI score
Exploits0
RustSec
RustSec
•added 2023/10/19 12:0 p.m.•4 views

Potential stack use-after-free in `Instrumented::into_inner`

The implementation of the Instrumented::intoinner method in affected versions of this crate contains undefined behavior due to incorrect use of std::mem::forget The function creates const pointers to self, calls mem::forgetselfstd::mem::forget, and then moves values out of those pointers using...

7.2AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2023/09/23 12:0 p.m.•4 views

gix-transport code execution vulnerability

The gix-transport crate prior to the patched version 0.36.1 would allow attackers to use malicious ssh clone URLs to pass arbitrary arguments to the ssh program, leading to arbitrary code execution. PoC: gix clone 'ssh://-oProxyCommand=open$IFS-aCalculator/foo' This will launch a calculator on OS...

4.1CVSS7.7AI score0.00171EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2023/09/19 12:0 p.m.•4 views

phonenumber: panic on parsing crafted RF3966 phonenumber inputs

Impact The phonenumber parsing code may panic due to a panic-guarded out-of-bounds access on the phonenumber string. In a typical deployment of rust-phonenumber, this may get triggered by feeding a maliciously crafted phonenumber over the network, specifically the string .;phone-context=. Patches...

8.6CVSS7.2AI score0.00694EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2023/09/10 12:0 p.m.•4 views

Exposes reference to non-Sync data to an arbitrary thread

Affected versions do not enforce a Sync bound on the type of caller-provided value held in the plugin registry. References to these values are made accessible to arbitrary threads other than the one that constructed them. A caller could use this flaw to submit thread-unsafe data into inventory,...

7AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2023/09/05 12:0 p.m.•4 views

Miscompilation of wasm `i64x2.shr_s` instruction with constant input on x86\_64

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-gw5p-q8mj-p7gh. For more information see the GitHub-hosted security advisory...

5.3CVSS7AI score0.00605EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2023/08/22 12:0 p.m.•4 views

rustls-webpki: CPU denial of service in certificate path building

When this crate is given a pathological certificate chain to validate, it will spend CPU time exponential with the number of candidate certificates at each step of path building. Both TLS clients and TLS servers that accept client certificate are affected. We now give each path building operation...

7.8CVSS7AI score0.06325EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2023/08/16 12:0 p.m.•4 views

`oncecell` was removed from crates.io for malicious code

This crate was part of a typosquatting malware cluster published by the malicious user amaperf and contained a malware payload in build.rs to exfiltrate host information to the attacker. This advisory is to retrospectively document this attempted attack. The version information and download recor...

5.8AI score
Exploits0
RustSec
RustSec
•added 2023/07/26 12:0 p.m.•4 views

Unsoundness in `intern` methods on `intaglio` symbol interners

Affected versions of this crate have a stacked borrows violation when creating references to interned contents. All interner types are affected. The flaw was corrected in version 1.9.0 by reordering move and borrowing operations and storing interned contents by raw pointer instead of as a Box...

7AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2023/06/26 12:0 p.m.•4 views

impl `FromMdbValue` for bool is unsound

The implementation of FromMdbValue have several unsoundness issues. First of all, it allows to reinterpret arbitrary bytes as a bool and could make undefined behavior happen with safe function. Secondly, it allows transmuting pointer without taking memory layout into consideration. The details of...

7.2AI score
Exploits0
RustSec
RustSec
•added 2023/03/03 12:0 p.m.•4 views

Miscompilation of `i8x16.select` with the same inputs on x86\_64

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-xm67-587q-r2vw. For more information see the GitHub-hosted security advisory...

4.3CVSS7AI score0.00624EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2022/11/05 12:0 p.m.•4 views

Out of bounds read/write with zero-memory-pages configuration

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-44mr-8vmm-wjhg. For more information see the GitHub-hosted security advisory...

7.4CVSS7AI score0.00577EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2022/07/12 12:0 p.m.•4 views

Use After Free with `externref`s in Wasmtime

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-5fhj-g3p3-pq9g. For more information see the GitHub-hosted security advisory...

8.8CVSS7AI score0.00856EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2022/03/04 12:0 p.m.•4 views

Incorrect signature verification on gzip-compressed install images

The coreos-installer is a program to fetch a disk image and stream it to a target disk. During the installation process the installation image gpg signatures are verified. The signature verification can be bypassed for gzip-compressed images due to a flaw in gzip coreos-installer wrapper. When th...

7.8CVSS7AI score0.00515EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2024/01/26 12:0 p.m.•3 views

`conrod_core` is unmaintained

The conrodcore crate is no longer maintained. The author suggests egui as a potential alternative...

7.1AI score
Exploits0
RustSec
RustSec
•added 2024/01/20 12:0 p.m.•3 views

`cosmwasm` is unmaintained

The crate cosmwasm is not used anymore since spring 2020. The functionality was split in multiple different crates, such as the standard library cosmwasm-std and the virtual machine cosmwasm-vm. An overview can be found in the cosmwasm repository. If you have this crate in your dependency tree,...

7AI score
Exploits0
RustSec
RustSec
•added 2023/12/14 12:0 p.m.•3 views

Some Ref methods are unsound with some type parameters

The Ref methods intoref, intomut, intoslice, and intoslicemut are unsound and may allow safe code to exhibit undefined behavior when used with Ref where B is cell::Ref or cell::RefMut. Note that these methods remain sound when used with B types other than cell::Ref or cell::RefMut. See...

7.3AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2023/10/30 12:0 p.m.•3 views

`martin-mbtiles` has been renamed to `mbtiles`

Please use the mbtiles crate going forward...

7AI score
Exploits0
RustSec
RustSec
•added 2023/09/15 12:0 p.m.•3 views

`hpack` is unmaintained

The hpack crate is no longer maintained. Consider using fluke-hpack or httlib-huffman...

7.2AI score
Exploits0
RustSec
RustSec
•added 2023/09/13 12:0 p.m.•3 views

BER/CER/DER decoder panics on invalid input

Due to insufficient checking of input data, decoding certain data sequences can lead to bcder panicking rather than returning an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding. bcder 0.7.3 fixes these issues by more...

7.5CVSS7.1AI score0.00592EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2023/07/30 12:0 p.m.•3 views

`dlopen_derive` is unmaintained

dlopenderive hasn't been updated since June 9, 2019. dlopenderive depends on quote = "0.6.12" and syn = "0.15.34". Versions 1.0.0 of these dependencies were published on August 13, 2019. The 0. versions haven't received updates since. Note that dlopen is an unmaintained crate from the same...

7.2AI score
Exploits0
RustSec
RustSec
•added 2023/04/11 12:0 p.m.•3 views

multipart is Unmaintained

The multipart crate is unmaintained. The author has archived the github repository. Alternatives: - multer - multiparty...

7.1AI score
Exploits0
RustSec
RustSec
•added 2023/02/14 12:0 p.m.•3 views

safemem is unmaintained

The latest crates.io release was in 2019. The repository has been archived by the author. Migration - safemem::copyoverslice, srcidx, destidx, len; can be replaced with slice.copywithinsrcidx..srcidx+len, destidx; as of rust 1.37.0. - safemem::writebytesslice, byte; can be replaced with...

7.1AI score
Exploits0
RustSec
RustSec
•added 2022/07/05 12:0 p.m.•3 views

Miscompilation of constant values in division on AArch64

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-7f6x-jwh5-m9r4. For more information see the GitHub-hosted security advisory...

7AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2023/04/29 12:0 p.m.•2 views

Vulnerable to privilege escalation using ioctls TIOCSTI and TIOCLINUX

please is vulnerable to privilege escalation using ioctls TIOCSTI and TIOCLINUX on systems where they are not disabled. Here is how to see it in action: $ cd "$mktemp -d" $ git clone --depth 1 https://gitlab.com/edneville/please.git $ cd please/ $ git rev-parse HEAD...

7.8CVSS7.6AI score0.00292EPSS
Exploits1
Total number of security vulnerabilities1141