Page 2 of 23 results (0.010 seconds)

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

In the standard library in Rust before 1.19.0, there is a synchronization problem in the MutexGuard object. MutexGuards can be used across threads with any types, allowing for memory safety issues through race conditions. En la biblioteca estándar en Rust versiones anteriores a 119.0, se presenta un problema de sincronización en el objeto MutexGuard. MutexGuards puede ser usada en subprocesos de cualquier tipo, permitiendo problemas de seguridad de la memoria a través de condiciones de carrera • https://github.com/rust-lang/rust/issues/41622 https://github.com/rust-lang/rust/pull/41624 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 8.2EPSS: 0%CPEs: 4EXPL: 0

In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked. En la biblioteca standard en Rust versiones anteriores a 1.52.0, se presenta una optimización para unir cadenas que pueden causar que los bytes no inicializados queden expuestos (o que el programa se bloquee) si la cadena prestada cambia después de que su longitud es comprobada • https://github.com/rust-lang/rust/issues/80335 https://github.com/rust-lang/rust/pull/81728 https://github.com/rust-lang/rust/pull/81728#issuecomment-821549174 https://github.com/rust-lang/rust/pull/81728#issuecomment-824904190 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CZ337CM4GFJLRDFVQCGC7J25V65JXOG5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFUO3URYCO73D2Q4WYJBWAMJWGGVXQO4 https://lists.fedoraproject.org/archives/list& • CWE-20: Improper Input Validation CWE-134: Use of Externally-Controlled Format String •

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

In the standard library in Rust before 1.29.0, there is weak synchronization in the Arc::get_mut method. This synchronization issue can be lead to memory safety issues through race conditions. En la biblioteca estándar en Rust versiones anteriores a 129.0, se presenta una sincronización débil en el método Arc::get_mut. Este problema de sincronización puede conllevar problemas de seguridad de la memoria a través de condiciones de carrera • https://github.com/rust-lang/rust/issues/51780 https://github.com/rust-lang/rust/pull/52031 • CWE-662: Improper Synchronization •

CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 1

In the standard library in Rust before 1.52.0, a double free can occur in the Vec::from_iter function if freeing the element panics. En la biblioteca estándar de Rust versiones anteriores a 1.52.0, se puede producir una doble liberación en la función Vec::from_iter si se libera los pánicos del elemento • https://github.com/rust-lang/rust/issues/83618 https://github.com/rust-lang/rust/pull/83629 https://github.com/rust-lang/rust/pull/84603 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CZ337CM4GFJLRDFVQCGC7J25V65JXOG5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFUO3URYCO73D2Q4WYJBWAMJWGGVXQO4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZG65GUW6Z2CYOQHF7T3TB5CZKIX6ZJE https://security. • CWE-415: Double Free CWE-416: Use After Free •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

In the standard library in Rust before 1.2.0, BinaryHeap is not panic-safe. The binary heap is left in an inconsistent state when the comparison of generic elements inside sift_up or sift_down_range panics. This bug leads to a drop of zeroed memory as an arbitrary type, which can result in a memory safety violation. En la biblioteca estándar de Rust versiones anteriores a 1.2.0, BinaryHeap no es a prueba de pánico. La pila del binario es dejada en un estado inconsistente cuando la comparación de elementos genéricos dentro de la función sift_up o sift_down_range entra en pánico. • https://github.com/rust-lang/rust/issues/25842 https://github.com/rust-lang/rust/pull/25856 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •