CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43402 – Rust OS Command Injection/Argument Injection vulnerability
https://notcve.org/view.php?id=CVE-2024-43402
04 Sep 2024 — Rust is a programming language. The fix for CVE-2024-24576, where `std::process::Command` incorrectly escaped arguments when invoking batch files on Windows, was incomplete. Prior to Rust version 1.81.0, it was possible to bypass the fix when the batch file name had trailing whitespace or periods (which are ignored and stripped by Windows). To determine whether to apply the `cmd.exe` escaping rules, the original fix for the vulnerability checked whether the command name ended with `.bat` or `.cmd`. At the t... • https://blog.rust-lang.org/2024/04/09/cve-2024-24576.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 10.0EPSS: 80%CPEs: 1EXPL: 10CVE-2024-24576 – Rusts's `std::process::Command` did not properly escape arguments of batch files on Windows
https://notcve.org/view.php?id=CVE-2024-24576
09 Apr 2024 — Rust is a programming language. The Rust Security Response WG was notified that the Rust standard library prior to version 1.77.2 did not properly escape arguments when invoking batch files (with the `bat` and `cmd` extensions) on Windows using the `Command`. An attacker able to control the arguments passed to the spawned process could execute arbitrary shell commands by bypassing the escaping. The severity of this vulnerability is critical for those who invoke batch files on Windows with untrusted argument... • https://github.com/aydinnyunus/CVE-2024-24576-Exploit • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 7.3EPSS: 0%CPEs: 8EXPL: 3CVE-2022-21658 – Race condition in std::fs::remove_dir_all in rustlang
https://notcve.org/view.php?id=CVE-2022-21658
20 Jan 2022 — Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the `std::fs::remove_dir_all` standard library function is vulnerable a race condition enabling symlink following (CWE-363). An attacker could use this security issue to trick a privileged program into deleting files and directories the attacker couldn't otherwise access or delete. Rust 1.0.0 through Rust 1.58.0 is affected by this v... • https://github.com/sagittarius-a/cve-2022-21658 • CWE-363: Race Condition Enabling Link Following CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 2CVE-2021-29922 – rust: incorrect parsing of extraneous zero characters at the beginning of an IP address string
https://notcve.org/view.php?id=CVE-2021-29922
07 Aug 2021 — library/std/src/net/parser.rs in Rust before 1.53.0 does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. El archivo library/std/src/net/parser.rs en Rust versiones anteriores a 1.53.0, no considera apropiadamente los caracteres cero extraños al principio de una cadena de direcciones IP, lo que (en algunas situaciones) permi... • https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis • CWE-20: Improper Input Validation •
CVSS: 8.2EPSS: 0%CPEs: 4EXPL: 0CVE-2020-36323 – rust: optimization for joining strings can cause uninitialized bytes to be exposed
https://notcve.org/view.php?id=CVE-2020-36323
14 Apr 2021 — In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked. En la biblioteca standard en Rust versiones anteriores a 1.52.0, se presenta una optimización para unir cadenas que pueden causar que los bytes no inicializados queden expuestos (o que el programa se bloquee) si la cadena prestada cambia después de que su longitud es comprobada Rust T... • https://github.com/rust-lang/rust/issues/80335 • CWE-20: Improper Input Validation CWE-134: Use of Externally-Controlled Format String •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2018-25008
https://notcve.org/view.php?id=CVE-2018-25008
14 Apr 2021 — In the standard library in Rust before 1.29.0, there is weak synchronization in the Arc::get_mut method. This synchronization issue can be lead to memory safety issues through race conditions. En la biblioteca estándar en Rust versiones anteriores a 129.0, se presenta una sincronización débil en el método Arc::get_mut. Este problema de sincronización puede conllevar problemas de seguridad de la memoria a través de condiciones de carrera • https://github.com/rust-lang/rust/issues/51780 • CWE-662: Improper Synchronization •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36317 – rust: memory safety violation in String::retain()
https://notcve.org/view.php?id=CVE-2020-36317
11 Apr 2021 — In the standard library in Rust before 1.49.0, String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the same string. En la biblioteca estándar en Rust versiones anteriores a 1.49.0, la función String::retener() presenta un problema de seguridad de pánico. Permite una creación de una cadena Rust que no sea UTF-8 c... • https://github.com/rust-lang/rust/issues/78498 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-28877 – rust: memory safety violation in Zip implementation for nested iter::Zips
https://notcve.org/view.php?id=CVE-2021-28877
11 Apr 2021 — In the standard library in Rust before 1.51.0, the Zip implementation calls __iterator_get_unchecked() for the same index more than once when nested. This bug can lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait. En la biblioteca estándar en Rust versiones anteriores a 1.51.0, la implementación de Zip llama a la función __iterator_get_unchecked() para el mismo índice más de una vez cuando está anidado. Este bug puede conllevar a una violación de seg... • https://github.com/rust-lang/rust/pull/80670 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1CVE-2021-28878 – rust: memory safety violation in Zip implementation when next_back() and next() are used together
https://notcve.org/view.php?id=CVE-2021-28878
11 Apr 2021 — In the standard library in Rust before 1.52.0, the Zip implementation calls __iterator_get_unchecked() more than once for the same index (under certain conditions) when next_back() and next() are used together. This bug could lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait. En la biblioteca estándar en Rust versiones anteriores a 1.52.0, la implementación de Zip llama a la función __iterator_get_unchecked() más de una vez para el mismo índice (bajo dete... • https://github.com/rust-lang/rust/issues/82291 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 1CVE-2021-28876 – rust: panic safety issue in Zip implementation
https://notcve.org/view.php?id=CVE-2021-28876
11 Apr 2021 — In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls __iterator_get_unchecked() more than once for the same index when the underlying iterator panics (in certain conditions). This bug could lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait. En la biblioteca estándar de Rust versiones anteriores a 1.52.0, la implementación de Zip presenta un problema de seguridad de pánico. Llama a la función __itera... • https://github.com/rust-lang/rust/issues/81740 • CWE-755: Improper Handling of Exceptional Conditions •