Search
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-29922 | 1 Rust-lang | 1 Rust | 2021-08-17 | 6.4 MEDIUM | 9.1 CRITICAL |
| library/std/src/net/parser.rs in Rust before 1.53.0 does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. | |||||
| CVE-2021-31162 | 2 Fedoraproject, Rust-lang | 2 Fedora, Rust | 2021-06-02 | 7.5 HIGH | 9.8 CRITICAL |
| In the standard library in Rust before 1.52.0, a double free can occur in the Vec::from_iter function if freeing the element panics. | |||||
| CVE-2021-28879 | 2 Fedoraproject, Rust-lang | 2 Fedora, Rust | 2021-04-27 | 7.5 HIGH | 9.8 CRITICAL |
| In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again. | |||||
| CVE-2020-36318 | 1 Rust-lang | 1 Rust | 2021-04-26 | 7.5 HIGH | 9.8 CRITICAL |
| In the standard library in Rust before 1.49.0, VecDeque::make_contiguous has a bug that pops the same element more than once under certain condition. This bug could result in a use-after-free or double free. | |||||
| CVE-2018-1000810 | 1 Rust-lang | 1 Rust | 2019-01-04 | 7.5 HIGH | 9.8 CRITICAL |
| The Rust Programming Language Standard Library version 1.29.0, 1.28.0, 1.27.2, 1.27.1, 127.0, 126.2, 126.1, 126.0 contains a CWE-680: Integer Overflow to Buffer Overflow vulnerability in standard library that can result in buffer overflow. This attack appear to be exploitable via str::repeat, passed a large number, can overflow an internal buffer. This vulnerability appears to have been fixed in 1.29.1. | |||||