Rust-lang Rust

9 matches found

CVE
added 2022/01/20 6:15 p.m. | 225 views

CVE-2022-21658

Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the std::fs::remove_dir_all standard library function is vulnerable to a race condition enabling symlink following (CWE-363)....

CVSS 7.3 | AI score 6.4 | EPSS 0.00743

CVE
added 2021/04/11 8:15 p.m. | 186 views

CVE-2015-20001

In the standard library in Rust before 1.2.0, BinaryHeap is not panic-safe. The binary heap is left in an inconsistent state when the comparison of generic elements inside sift_up or sift_down_range panics. This bug leads to a drop of zeroed memory as an arbitrary type, which can result in a memory...

CVSS 7.5 | AI score 7.6 | EPSS 0.00403

CVE
added 2018/07/09 8:29 p.m. | 145 views

CVE-2018-1000622

The Rust Programming Language rustdoc versions between 0.8 and 1.27.0 contain a CWE-427: Uncontrolled Search Path Element vulnerability in rustdoc plugins that can result in local code execution as a different user. This attack appears to be exploitable via using the --plugin flag without the --plug...

CVSS 7.8 | AI score 7.7 | EPSS 0.00667

CVE
added 2019/09/30 10:15 p.m. | 131 views

CVE-2019-16760

Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the package configuration key. Usage of the package key to rename dependencies in Cargo.toml is ignored in Rust 1.25.0 and prior. When Rust 1.25.0 and prior is used Cargo may download the wrong dependency, w...

CVSS 7.5 | AI score 5.9 | EPSS 0.00181

CVE
added 2021/04/11 8:15 p.m. | 121 views

CVE-2021-28878

In the standard library in Rust before 1.52.0, the Zip implementation calls __iterator_get_unchecked() more than once for the same index (under certain conditions) when next_back() and next() are used together. This bug could lead to a memory safety violation due to an unmet safety requirement for ...

CVSS 7.5 | AI score 8.4 | EPSS 0.00125

CVE
added 2021/04/11 8:15 p.m. | 107 views

CVE-2021-28875

In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow.

CVSS 7.5 | AI score 8.4 | EPSS 0.00204

CVE
added 2021/04/11 8:15 p.m. | 101 views

CVE-2021-28877

In the standard library in Rust before 1.51.0, the Zip implementation calls __iterator_get_unchecked() for the same index more than once when nested. This bug can lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait.

CVSS 7.5 | AI score 8.4 | EPSS 0.00219

CVE
added 2021/04/11 8:15 p.m. | 97 views

CVE-2020-36317

In the standard library in Rust before 1.49.0, the String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the sa...

CVSS 7.5 | AI score 7.8 | EPSS 0.00367

CVE
added 2018/08/20 7:31 p.m. | 46 views

CVE-2018-1000657

Rust Programming Language Rust standard library version Commit bfa0e1f58acf1c28d500c34ed258f09ae021893e and later; stable release 1.3.0 and later contains a Buffer Overflow vulnerability in std::collections::vec_deque::VecDeque::reserve() function that can result in Arbitrary code execution, but no...

CVSS 7.8 | AI score 7.7 | EPSS 0.00143