Page 2 of 15 results (0.006 seconds)

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

CVE-2018-25008

https://notcve.org/view.php?id=CVE-2018-25008

In the standard library in Rust before 1.29.0, there is weak synchronization in the Arc::get_mut method. This synchronization issue can be lead to memory safety issues through race conditions. En la biblioteca estándar en Rust versiones anteriores a 129.0, se presenta una sincronización débil en el método Arc::get_mut. Este problema de sincronización puede conllevar problemas de seguridad de la memoria a través de condiciones de carrera • https://github.com/rust-lang/rust/issues/51780 https://github.com/rust-lang/rust/pull/52031 • CWE-662: Improper Synchronization •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2020-36317 – rust: memory safety violation in String::retain()

https://notcve.org/view.php?id=CVE-2020-36317

In the standard library in Rust before 1.49.0, String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the same string. En la biblioteca estándar en Rust versiones anteriores a 1.49.0, la función String::retener() presenta un problema de seguridad de pánico. Permite una creación de una cadena Rust que no sea UTF-8 cuando el cierre provisto entra en pánico. • https://github.com/rust-lang/rust/issues/78498 https://github.com/rust-lang/rust/pull/78499 https://access.redhat.com/security/cve/CVE-2020-36317 https://bugzilla.redhat.com/show_bug.cgi?id=1949189 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2021-28875 – rust: heap-based buffer overflow in read_to_end() because it does not validate the return value from Read in an unsafe context

https://notcve.org/view.php?id=CVE-2021-28875

In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow. En la biblioteca estándar de Rust versiones anteriores a 1.50.0, la función read_to_end() no comprueba el valor de retorno de Read en un contexto no seguro. Este bug podría conllevar a un desbordamiento de búfer • https://github.com/rust-lang/rust/issues/80894 https://github.com/rust-lang/rust/pull/80895 https://security.gentoo.org/glsa/202210-09 https://access.redhat.com/security/cve/CVE-2021-28875 https://bugzilla.redhat.com/show_bug.cgi?id=1949194 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-252: Unchecked Return Value •

CVSS: 9.8EPSS: 1%CPEs: 4EXPL: 1

CVE-2021-28879 – rust: integer overflow in the Zip implementation can lead to a buffer overflow

https://notcve.org/view.php?id=CVE-2021-28879

In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again. En la biblioteca estándar de Rust versiones anteriores a 1.52.0, la implementación de Zip puede reportar un tamaño incorrecto debido a un desbordamiento de enteros. Este bug puede conllevar a un desbordamiento del búfer cuando un iterador Zip consumido es usado nuevamente • https://github.com/rust-lang/rust/issues/82282 https://github.com/rust-lang/rust/pull/82289 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CZ337CM4GFJLRDFVQCGC7J25V65JXOG5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFUO3URYCO73D2Q4WYJBWAMJWGGVXQO4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZG65GUW6Z2CYOQHF7T3TB5CZKIX6ZJE https://security.gentoo.org/glsa/202210-09 https://access.redhat • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-28877 – rust: memory safety violation in Zip implementation for nested iter::Zips

https://notcve.org/view.php?id=CVE-2021-28877

In the standard library in Rust before 1.51.0, the Zip implementation calls __iterator_get_unchecked() for the same index more than once when nested. This bug can lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait. En la biblioteca estándar en Rust versiones anteriores a 1.51.0, la implementación de Zip llama a la función __iterator_get_unchecked() para el mismo índice más de una vez cuando está anidado. Este bug puede conllevar a una violación de seguridad de la memoria debido a un requisito de seguridad no cumplido para el rasgo TrustedRandomAccess • https://github.com/rust-lang/rust/pull/80670 https://security.gentoo.org/glsa/202210-09 https://access.redhat.com/security/cve/CVE-2021-28877 https://bugzilla.redhat.com/show_bug.cgi?id=1949204 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •