Lucene search
K
RustsecRecent

1141 matches found

RustSec
RustSec
•added 2024/10/07 12:0 p.m.•19 views

paste - no longer maintained

The creator of the crate paste has stated in the README.md that this project is not longer maintained as well as archived the repository Possible Alternatives - pastey: a fork of paste and is aimed to be a drop-in replacement with additional features for paste crate - withbuiltinmacros: crate...

5.9AI score
Exploits0
RustSec
RustSec
•added 2024/10/03 12:0 p.m.•4 views

Race condition could lead to WebAssembly control-flow integrity and type safety violations

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-7qmx-3fpx-r45m. For more information see the GitHub-hosted security advisory...

2.9CVSS7AI score0.00152EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2024/10/02 12:0 p.m.•5 views

Runtime crash when combining tail calls with stack traces

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-q8hx-mm92-4wvg. For more information see the GitHub-hosted security advisory...

5.5CVSS7AI score0.00244EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2024/10/01 12:0 p.m.•7 views

Remotely exploitable Denial of Service in Tonic

Impact When using tonic::transport::Server there is a remote DoS attack that can cause the server to exit cleanly on accepting a tcp/tls stream. This can be triggered via causing the accept call to error out with errors there were not covered correctly causing the accept loop to exit. More...

6.9CVSS6.9AI score0.00622EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2024/09/25 12:0 p.m.•6 views

`atty` is unmaintained

The maintainer of atty has published an official notice that the crate is no longer under development, and that users should instead rely on the functionality in the standard library's IsTerminal trait. Alternatives - std::io::IsTerminal - Stable since Rust 1.70.0 and the recommended replacement...

7.1AI score
Exploits0
RustSec
RustSec
•added 2024/09/22 12:0 p.m.•7 views

Segmentation fault due to use of uninitialized memory

When trying to decompress a file using "ouch", we can reach the function "ouch::archive::zip::convertzipdatetime". In the function, there is a unsafe function, "transmute". Once the "transmute" function is called to convert the type of "month" object, the address of the object is changed to the...

7.1AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2024/09/15 12:0 p.m.•4 views

get-size is unmaintained

get-size's maintainer seems to be unreachable, with no commits and releases pushed for 1 year and no activity on the GitHub repo. get-size also depends on get-size-derive 0.1.3, which uses attribute-derive ^0.6 a version of the crate which uses the yanked crate proc-macro-error. Possible...

7.1AI score
Exploits0
RustSec
RustSec
•added 2024/09/15 12:0 p.m.•4 views

get-size-derive is unmaintained

get-size-derive's maintainer seems to be unreachable, with no commits and releases pushed for 1 year and no activity on the GitHub repo. get-size-derive also depends on attribute-derive ^0.6 a version of the crate which uses the yanked crate proc-macro-error. Possible Alternatives - get-size-deri...

7.1AI score
Exploits0
RustSec
RustSec
•added 2024/09/08 12:0 p.m.•5 views

Unsoundness in anstream

When given a valid UTF8 string "ö\x1b😀", the function in crates/anstream/src/adapter/strip.rs will be confused. The UTF8 bytes are \xc3\xb6 then \x1b then \xf0\x9f\x98\x80. When looping over "non-printable bytes" \x1b\xf0 will be considered as some non-printable sequence. This will produce a brok...

7.2AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2024/09/06 12:0 p.m.•6 views

webp crate may expose memory contents when encoding an image

Affected versions of this crate did not check that the input slice passed to "webp::Encoder::encode is large enough for the specified image dimensions. If the input slice is too short, the library will read out of bounds of the buffer and encode other memory contents as an image, resulting in...

6.9AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2024/09/06 12:0 p.m.•5 views

gix-path improperly resolves configuration path reported by Git

Summary gix-path runs git to find the path of a configuration file associated with the git installation, but improperly resolves paths containing unusual or non-ASCII characters, in rare cases enabling a local attacker to inject configuration leading to code execution. Details In gixpath::env, th...

7.2AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2024/09/05 12:0 p.m.•7 views

Memory leak when calling a canister method via `ic_cdk::call`

When a canister method is called via iccdk::call, a new Future CallFuture is created and can be awaited by the caller to get the execution result. Internally, the state of the Future is tracked and stored in a struct called CallFutureState. A bug in the polling implementation of the CallFuture...

7.5CVSS7AI score0.00693EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2024/09/04 12:0 p.m.•6 views

strason is unmaintained

strason will no longer be maintained as declared by the developer. The project has been archived...

7.1AI score
Exploits0
RustSec
RustSec
•added 2024/09/04 12:0 p.m.•8 views

bcc is unmaintained

bcc will no longer be maintained as declared by the developer. Users are recommended to use libbpf-rs instead. See libbpf-rs...

7AI score
Exploits0
RustSec
RustSec
•added 2024/09/04 12:0 p.m.•8 views

hwloc is unmaintained

hwloc will no longer be maintained as declared by the developer. The project has been archived without an issue...

7.1AI score
Exploits0
RustSec
RustSec
•added 2024/09/02 12:0 p.m.•8 views

olm-sys: wrapped library unmaintained, potentially vulnerable

After several cryptographic vulnerabilities in libolm were disclosed publicly, the Matrix Foundation has officially deprecated the library. olm-sys is a thin wrapper around libolm and is now deprecated and potentially vulnerable in kind. Users of olm-sys and its higher-level abstraction, olm-rs,...

5.3CVSS7.2AI score0.00536EPSS
Exploits3
RustSec
RustSec
•added 2024/09/02 12:0 p.m.•8 views

`Endpoint::retry()` calls can lead to panicking

In 0.11.0, we overhauled the server-side Endpoint implementation to enable more careful handling of incoming connection attempts. However, some of the code paths that cleaned up state after connection attempts were processed confused the initial destination connection ID with the destination...

7.5CVSS7AI score0.00568EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2024/09/01 12:0 p.m.•7 views

`instant` is unmaintained

This crate is no longer maintained, and the author recommends using the maintained web-time crate instead. web-time: https://crates.io/crates/web-time...

7.2AI score
Exploits0
RustSec
RustSec
•added 2024/09/01 12:0 p.m.•8 views

proc-macro-error is unmaintained

proc-macro-error's maintainer seems to be unreachable, with no commits for 2 years, no releases pushed for 4 years, and no activity on the GitLab repo or response to email. proc-macro-error also depends on syn 1.x, which may be bringing duplicate dependencies into dependant build trees. Possible...

5.4AI score
Exploits0
RustSec
RustSec
•added 2024/08/31 12:0 p.m.•9 views

gix-path uses local config across repos when it is the highest scope

Summary gix-path executes git to find the path of a configuration file that belongs to the git installation itself, but mistakenly treats the local repository's configuration as system-wide if no higher scoped configuration is found. In rare cases, this causes a less trusted repository to be...

2.5CVSS6.2AI score0.00244EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2024/08/27 12:0 p.m.•7 views

CWA-2023-004: Excessive number of function parameters in compiled Wasm

A specifically crafted Wasm file can cause the VM to consume excessive amounts of memory when compiling a contract. This can lead to high memory usage, slowdowns, potentially a crash and can poison a lock in the VM, preventing any further interaction with contracts. For more information, see...

7AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2024/08/26 12:0 p.m.•5 views

`cw0` is unmaintained

The crate cw0 was first renamed to utils in 2021 and then to cw-utils because utils was already claimed on crates.io. The crate cw0 is not maintained anymore since then and should be replaced with cw-utils...

7AI score
Exploits0
RustSec
RustSec
•added 2024/08/23 12:0 p.m.•7 views

Binary Protocol Misinterpretation caused by Truncating or Overflowing Casts

The following presentation at this year's DEF CON was brought to our attention on the Diesel Gitter Channel: SQL Injection isn't Dead: Smuggling Queries at the Protocol Level Archive link for posterity. Essentially, encoding a value larger than 4GiB can cause the length prefix in the protocol to...

8.5AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2024/08/22 12:0 p.m.•6 views

gitoxide-core does not neutralize special characters for terminals

Summary The gix and ein commands write pathnames and other metadata literally to terminals, even if they contain characters terminals treat specially, including ANSI escape sequences. This sometimes allows an untrusted repository to misrepresent its contents and to alter or concoct error messages...

5.4CVSS7.2AI score0.00448EPSS
Exploits0
RustSec
RustSec
•added 2024/08/15 12:0 p.m.•9 views

Binary Protocol Misinterpretation caused by Truncating or Overflowing Casts

The following presentation at this year's DEF CON was brought to our attention on the SQLx Discord: SQL Injection isn't Dead: Smuggling Queries at the Protocol Level Archive link for posterity. Essentially, encoding a value larger than 4GiB can cause the length prefix in the protocol to overflow,...

8.4AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2024/08/14 12:0 p.m.•5 views

minitrace is Unmaintained

The minitrace maintainers have decided to continue the development of minitrace under a new organizational structure to improve community governance. In the meantime, minitrace will no longer be maintained. For more details, refer to tikv/minitrace-rust229. Possible Alternatives fastrace is...

7.1AI score
Exploits0
RustSec
RustSec
•added 2024/08/14 12:0 p.m.•6 views

Uncaught exception when transitioning the state of `AsyncGenerator` objects from within a property getter of `then`

A wrong assumption made when handling ECMAScript's AsyncGenerator operations can cause an uncaught exception on certain scripts. Details Boa's implementation of AsyncGenerator makes the assumption that the state of an AsyncGenerator object cannot change while resolving a promise created by method...

8.6CVSS7.2AI score0.00601EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2024/08/08 12:0 p.m.•7 views

CWA-2024-004: Gas mispricing in cosmwasm-vm

Some Wasm operations take significantly more gas than our benchmarks indicated. This can lead to missing the gas target we defined by a factor of 10x. This means a malicious contract could take 10 times as much time to execute as expected, which can be used to temporarily DoS a chain. For more...

7.3AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2024/07/30 12:0 p.m.•6 views

Stack overflow when parsing specially crafted JSON ABI strings

Affected versions of the alloy-json-abi crate did not properly handle parsing of malformatted JSON ABI strings. The JsonAbi::parse method can be tricked into a stack overflow when processing specially crafted input. This stack overflow can lead to a crash of the application using this crate,...

7.3AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2024/07/26 12:0 p.m.•5 views

`XmpFile::close` can trigger UB

Affected versions of the crate failed to catch C++ exceptions raised within the XmpFile::close function. If such an exception occured, it would trigger undefined behavior, typically a process abort. This is best demonstrated in issue 230, where a race condition causes the close call to fail due t...

7AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2024/07/26 12:0 p.m.•5 views

Shell expansion in custom commands

Summary Undocumented and unpredictable shell expansion and/or quoting rules make it easily to accidentally cause shell injection when using custom commands with starship in bash. Details I wanted to show the git commit name in my prompt I use bash, so I added a command: custom.gitcommitname comma...

7.4CVSS7.5AI score0.00463EPSS
Exploits1Affected Software1
RustSec
RustSec
•added 2024/07/24 12:0 p.m.•6 views

The kstring integration in gix-attributes is unsound

gix-attributes in state::ValueRef unsafely creates a &str from a &u8 containing non-UTF8 data, with the justification that so long as nothing reads the &str and relies on it being UTF-8 in the &str, there is no UB: rust // SAFETY: our API makes accessing that value as str impossible, so illformed...

7AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2024/07/23 12:0 p.m.•5 views

Apache Arrow Rust Object Store: AWS WebIdentityToken exposure in log files

Exposure of temporary credentials in logs in Apache Arrow Rust Object Store, version 0.10.1 and earlier on all platforms using AWS WebIdentityTokens. On certain error conditions, the logs may contain the OIDC token passed to AssumeRoleWithWebIdentity. This allows someone with access to the logs t...

7.5CVSS7.3AI score0.0071EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2024/07/21 12:0 p.m.•4 views

`MemBio::get_buf` has undefined behavior with empty buffers

Previously, MemBio::getbuf called slice::fromrawparts with a null-pointer, which violates the functions invariants, leading to undefined behavior. In debug builds this would produce an assertion failure. This is now fixed...

7AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2024/07/18 12:0 p.m.•6 views

op_panic in the base runtime can force a panic in the runtime's containing thread

Affected versions use denocore releases that expose Deno.core.ops.oppanic to the JS runtime in the base core This function when called triggers a manual panic in the thread containing the runtime. It can be fixed by stubbing out the exposed op: javascript Deno.core.ops.oppanic = msg = throw new...

7AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2024/07/18 12:0 p.m.•6 views

Ambiguous challenge derivation

Challenge derivation in non-interactive ZK proofs was ambiguous and that could lead to security vulnerability however, it's unknown if it could be exploited...

7.2AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2024/07/18 12:0 p.m.•11 views

Ambiguous challenge derivation

Challenge derivation in non-interactive ZK proofs was ambiguous and that could lead to security vulnerability however, it's unknown if it could be exploited...

7.2AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2024/07/18 12:0 p.m.•5 views

Ambiguous challenge derivation

Challenge derivation in non-interactive ZK proofs was ambiguous and that could lead to security vulnerability however, it's unknown if it could be exploited...

7.2AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2024/07/18 12:0 p.m.•5 views

op_panic in the base runtime can force a panic in the runtime's containing thread

Affected versions use denocore releases that expose Deno.core.ops.oppanic to the JS runtime in the base core This function when called triggers a manual panic in the thread containing the runtime, breaking sandboxing It can be fixed by stubbing out the exposed op: javascript Deno.core.ops.oppanic...

7AI score
Exploits0
RustSec
RustSec
•added 2024/07/18 12:0 p.m.•5 views

gix-path can use a fake program files location

Summary When looking for Git for Windows so it can run it to report its paths, gix-path can be tricked into running another git.exe placed in an untrusted location by a limited user account. Details Windows permits limited user accounts without administrative privileges to create new directories ...

7.8CVSS8AI score0.00782EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2024/07/18 12:0 p.m.•6 views

`UserIdentity::is_verified` not checking verification status of own user identity while performing the check

The UserIdentity::isverified method in the matrix-sdk-crypto crate before version 0.7.2 doesn't take into account the verification status of the user's own identity while performing the check and may as a result return a value contrary to what is implied by its name and documentation. Impact If t...

5.4CVSS6.9AI score0.0028EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2024/07/17 12:0 p.m.•6 views

Usage of non-constant time base64 decoder could lead to leakage of secret key material

Versions before 0.7.0 of vodozemac use a non-constant time base64 implementation for importing key material for Megolm group sessions and PkDecryption Ed25519 secret keys. This flaw might allow an attacker to infer some information about the secret key material through a side-channel attack. Impa...

2.9CVSS6.8AI score0.00201EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2024/07/07 12:0 p.m.•7 views

phonenumber: panic on parsing crafted phonenumber inputs

Impact The phonenumber parsing code may panic due to a reachable assert! guard on the phonenumber string. In a typical deployment of rust-phonenumber, this may get triggered by feeding a maliciously crafted phonenumber, e.g. over the network, specifically strings of the form...

8.6CVSS7.3AI score0.00711EPSS
Exploits0Affected Software1
RustSec
RustSec
•added 2024/07/06 12:0 p.m.•6 views

Dump Undefined Memory by `JitDumpFile`

The unsound function dumpcodeloadrecord uses fromrawparts to directly convert the pointer addr and len into a slice without any validation and that memory block would be dumped. Thus, the 'safe' function dumpcodeloadrecord is actually 'unsafe' since it requires the caller to guarantee that the ad...

7AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2024/07/03 12:0 p.m.•6 views

`openslide` is unmaintained

The openslide crate is no longer maintained. Last release was on 2018-11-20. Possible alternatives Consider using an alternative, for instance: - openslide-rs - pamly...

7.2AI score
Exploits0
RustSec
RustSec
•added 2024/07/03 12:0 p.m.•7 views

`opentelemetry_api` has been merged into the `opentelemetry` crate

Last release was on 2023-07-30. opentelemetryapi has been moved into the opentelemetry crate. Please use the opentelemetry crate going forward...

7.2AI score
Exploits0
RustSec
RustSec
•added 2024/07/01 12:0 p.m.•5 views

Incorrect usage of `#[repr(packed)]`

The affected versions make unsafe memory accesses under the assumption that reprpacked has a guaranteed field order. The Rust specification does not guarantee this, and https://github.com/rust-lang/rust/pull/125360 1.80.0-beta starts reordering fields of reprpacked structs, leading to illegal...

7AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2024/07/01 12:0 p.m.•6 views

Incorrect usage of `#[repr(packed)]`

The affected versions make unsafe memory accesses under the assumption that reprpacked has a guaranteed field order. The Rust specification does not guarantee this, and https://github.com/rust-lang/rust/pull/125360 1.80.0-beta starts reordering fields of reprpacked structs, leading to illegal...

7AI score
Exploits0Affected Software1
RustSec
RustSec
•added 2024/06/26 12:0 p.m.•5 views

Low severity (DoS) vulnerability in sequoia-openpgp

There is a denial-of-service vulnerability in sequoia-openpgp, our crate providing a low-level interface to our OpenPGP implementation. When triggered, the process will enter an infinite loop. Many thanks to Andrew Gallagher for disclosing the issue to us. Impact Any software directly or indirect...

7.5CVSS7.1AI score0.00361EPSS
Exploits1Affected Software1
RustSec
RustSec
•added 2024/06/26 12:0 p.m.•16 views

`derivative` is unmaintained; consider using an alternative

The derivative crate is no longer maintained. Consider using any alternative, for instance: - derivemore - derive-where - educe...

7.2AI score
Exploits0
Total number of security vulnerabilities1141