
CVSS: 5.9 • EPSS: 0% • CPEs: 1 • EXPL: 0

14 Apr 2021 — In the standard library in Rust before 1.19.0, there is a synchronization problem in the MutexGuard object. MutexGuards can be used across threads with any types, allowing for memory safety issues through race conditions. • https://github.com/rust-lang/rust/issues/41622 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVSS: 8.2 • EPSS: 0% • CPEs: 4 • EXPL: 0

14 Apr 2021 — In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked. Rust T... • https://github.com/rust-lang/rust/issues/80335 • CWE-20: Improper Input Validation • CWE-134: Use of Externally-Controlled Format String

CVSS: 5.9 • EPSS: 0% • CPEs: 1 • EXPL: 0

14 Apr 2021 — In the standard library in Rust before 1.29.0, there is weak synchronization in the Arc::get_mut method. This synchronization issue can lead to memory safety issues through race conditions. • https://github.com/rust-lang/rust/issues/51780 • CWE-662: Improper Synchronization

CVSS: 9.8 • EPSS: 0% • CPEs: 4 • EXPL: 1

14 Apr 2021 — In the standard library in Rust before 1.52.0, a double free can occur in the Vec::from_iter function if freeing the element panics. Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, the cargo-vendor plugin, and required libraries. Issues addressed include buffer overflow, doub... • https://github.com/rust-lang/rust/issues/83618 • CWE-415: Double Free • CWE-416: Use After Free

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 1

11 Apr 2021 — In the standard library in Rust before 1.2.0, BinaryHeap is not panic-safe. The binary heap is left in an inconsistent state when the comparison of generic elements inside sift_up or sift_down_range panics. This bug leads to a drop of zeroed memory as an arbitrary type, which can result in a memory safety violation. • https://github.com/rust-lang/rust/issues/25842 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 1

11 Apr 2021 — In the standard library in Rust before 1.49.0, the String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the same string. • https://github.com/rust-lang/rust/issues/78498 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-787: Out-of-bounds Write

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 1

11 Apr 2021 — In the standard library in Rust before 1.49.0, VecDeque::make_contiguous has a bug that pops the same element more than once under certain conditions. This bug could result in a use-after-free or double free. Rust Toolset... • https://github.com/rust-lang/rust/issues/79808 • CWE-415: Double Free • CWE-416: Use After Free

CVSS: 5.3 • EPSS: 0% • CPEs: 4 • EXPL: 1

11 Apr 2021 — In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls __iterator_get_unchecked() more than once for the same index when the underlying iterator panics (in certain conditions). This bug could lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait. • https://github.com/rust-lang/rust/issues/81740 • CWE-755: Improper Handling of Exceptional Conditions

CVSS: 7.5 • EPSS: 0% • CPEs: 4 • EXPL: 1

11 Apr 2021 — In the standard library in Rust before 1.52.0, the Zip implementation calls __iterator_get_unchecked() more than once for the same index (under certain conditions) when next_back() and next() are used together. This bug could lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait. • https://github.com/rust-lang/rust/issues/82291 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 1

11 Apr 2021 — In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow. Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, the cargo-ve... • https://github.com/rust-lang/rust/issues/80894 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-252: Unchecked Return Value