Page 17 of 982 results (0.013 seconds)

CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 1

CVE-2021-31162 – rust: double free in Vec::from_iter function if freeing the element panics

https://notcve.org/view.php?id=CVE-2021-31162

In the standard library in Rust before 1.52.0, a double free can occur in the Vec::from_iter function if freeing the element panics. En la biblioteca estándar de Rust versiones anteriores a 1.52.0, se puede producir una doble liberación en la función Vec::from_iter si se libera los pánicos del elemento • https://github.com/rust-lang/rust/issues/83618 https://github.com/rust-lang/rust/pull/83629 https://github.com/rust-lang/rust/pull/84603 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CZ337CM4GFJLRDFVQCGC7J25V65JXOG5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFUO3URYCO73D2Q4WYJBWAMJWGGVXQO4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZG65GUW6Z2CYOQHF7T3TB5CZKIX6ZJE https://security. • CWE-415: Double Free CWE-416: Use After Free •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 1

CVE-2021-27815

https://notcve.org/view.php?id=CVE-2021-27815

NULL Pointer Deference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service (DoS) by uploading a malicious JPEG file, causing the application to crash. Una desreferencia de puntero NULL en la herramienta de línea de comandos exif, al imprimir datos EXIF con formato XML, en exif versión v0.6.22 y anteriores permite a atacantes causar una Denegación de Servicio (DoS) al cargar un archivo JPEG malicioso, causando que la aplicación se bloquee • https://github.com/libexif/exif/commit/eb84b0e3c5f2a86013b6fcfb800d187896a648fa https://github.com/libexif/exif/commit/f6334d9d32437ef13dc902f0a88a2be0063d9d1c https://github.com/libexif/exif/issues/4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSWAXZVNXYLV3E4R6YQTEGRGMGWEAR76 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QMC6OTXZRPCUD3LOSWO4ISR7CH7NJQDT https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZQ3L45F7S7PQPG5HEH • CWE-476: NULL Pointer Dereference •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 1

CVE-2021-28878 – rust: memory safety violation in Zip implementation when next_back() and next() are used together

https://notcve.org/view.php?id=CVE-2021-28878

In the standard library in Rust before 1.52.0, the Zip implementation calls __iterator_get_unchecked() more than once for the same index (under certain conditions) when next_back() and next() are used together. This bug could lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait. En la biblioteca estándar en Rust versiones anteriores a 1.52.0, la implementación de Zip llama a la función __iterator_get_unchecked() más de una vez para el mismo índice (bajo determinadas condiciones) cuando las funciones next_back() y next() son usadas juntas. Este bug podría conllevar a una violación de seguridad de la memoria debido a un requisito de seguridad no cumplido para el rasgo TrustedRandomAccess • https://github.com/rust-lang/rust/issues/82291 https://github.com/rust-lang/rust/pull/82292 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CZ337CM4GFJLRDFVQCGC7J25V65JXOG5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFUO3URYCO73D2Q4WYJBWAMJWGGVXQO4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZG65GUW6Z2CYOQHF7T3TB5CZKIX6ZJE https://security.gentoo.org/glsa/202210-09 https://access.redhat • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 1

CVE-2021-28879 – rust: integer overflow in the Zip implementation can lead to a buffer overflow

https://notcve.org/view.php?id=CVE-2021-28879

In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again. En la biblioteca estándar de Rust versiones anteriores a 1.52.0, la implementación de Zip puede reportar un tamaño incorrecto debido a un desbordamiento de enteros. Este bug puede conllevar a un desbordamiento del búfer cuando un iterador Zip consumido es usado nuevamente • https://github.com/rust-lang/rust/issues/82282 https://github.com/rust-lang/rust/pull/82289 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CZ337CM4GFJLRDFVQCGC7J25V65JXOG5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFUO3URYCO73D2Q4WYJBWAMJWGGVXQO4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZG65GUW6Z2CYOQHF7T3TB5CZKIX6ZJE https://security.gentoo.org/glsa/202210-09 https://access.redhat • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound •

CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 1

CVE-2021-28876 – rust: panic safety issue in Zip implementation

https://notcve.org/view.php?id=CVE-2021-28876

In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls __iterator_get_unchecked() more than once for the same index when the underlying iterator panics (in certain conditions). This bug could lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait. En la biblioteca estándar de Rust versiones anteriores a 1.52.0, la implementación de Zip presenta un problema de seguridad de pánico. Llama a la función __iterator_get_unchecked() más de una vez para el mismo índice cuando el iterador subyacente entra en pánico (en determinadas condiciones). • https://github.com/rust-lang/rust/issues/81740 https://github.com/rust-lang/rust/pull/81741 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CZ337CM4GFJLRDFVQCGC7J25V65JXOG5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFUO3URYCO73D2Q4WYJBWAMJWGGVXQO4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZG65GUW6Z2CYOQHF7T3TB5CZKIX6ZJE https://security.gentoo.org/glsa/202210-09 https://access.redhat • CWE-755: Improper Handling of Exceptional Conditions •