Page 3 of 23 results (0.005 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2020-36317 – rust: memory safety violation in String::retain()

https://notcve.org/view.php?id=CVE-2020-36317

In the standard library in Rust before 1.49.0, String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the same string. En la biblioteca estándar en Rust versiones anteriores a 1.49.0, la función String::retener() presenta un problema de seguridad de pánico. Permite una creación de una cadena Rust que no sea UTF-8 cuando el cierre provisto entra en pánico. • https://github.com/rust-lang/rust/issues/78498 https://github.com/rust-lang/rust/pull/78499 https://access.redhat.com/security/cve/CVE-2020-36317 https://bugzilla.redhat.com/show_bug.cgi?id=1949189 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

CVE-2020-36318 – rust: use-after-free or double free in VecDeque::make_contiguous

https://notcve.org/view.php?id=CVE-2020-36318

In the standard library in Rust before 1.49.0, VecDeque::make_contiguous has a bug that pops the same element more than once under certain condition. This bug could result in a use-after-free or double free. En la biblioteca estándar de Rust versiones anteriores a 1.49.0, la función VecDeque::make_contiguous presenta un bug que muestra el mismo elemento más de una vez bajo determinadas condiciones. Este bug podría resultar en un uso de la memoria previamente liberada o una doble liberación • https://github.com/rust-lang/rust/issues/79808 https://github.com/rust-lang/rust/pull/79814 https://access.redhat.com/security/cve/CVE-2020-36318 https://bugzilla.redhat.com/show_bug.cgi?id=1949192 • CWE-415: Double Free CWE-416: Use After Free •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

CVE-2021-28875 – rust: heap-based buffer overflow in read_to_end() because it does not validate the return value from Read in an unsafe context

https://notcve.org/view.php?id=CVE-2021-28875

In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow. En la biblioteca estándar de Rust versiones anteriores a 1.50.0, la función read_to_end() no comprueba el valor de retorno de Read en un contexto no seguro. Este bug podría conllevar a un desbordamiento de búfer • https://github.com/rust-lang/rust/issues/80894 https://github.com/rust-lang/rust/pull/80895 https://security.gentoo.org/glsa/202210-09 https://access.redhat.com/security/cve/CVE-2021-28875 https://bugzilla.redhat.com/show_bug.cgi?id=1949194 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-252: Unchecked Return Value •

CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 1

CVE-2021-28876 – rust: panic safety issue in Zip implementation

https://notcve.org/view.php?id=CVE-2021-28876

In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls __iterator_get_unchecked() more than once for the same index when the underlying iterator panics (in certain conditions). This bug could lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait. En la biblioteca estándar de Rust versiones anteriores a 1.52.0, la implementación de Zip presenta un problema de seguridad de pánico. Llama a la función __iterator_get_unchecked() más de una vez para el mismo índice cuando el iterador subyacente entra en pánico (en determinadas condiciones). • https://github.com/rust-lang/rust/issues/81740 https://github.com/rust-lang/rust/pull/81741 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CZ337CM4GFJLRDFVQCGC7J25V65JXOG5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFUO3URYCO73D2Q4WYJBWAMJWGGVXQO4 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VZG65GUW6Z2CYOQHF7T3TB5CZKIX6ZJE https://security.gentoo.org/glsa/202210-09 https://access.redhat • CWE-755: Improper Handling of Exceptional Conditions •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2021-28877 – rust: memory safety violation in Zip implementation for nested iter::Zips

https://notcve.org/view.php?id=CVE-2021-28877

In the standard library in Rust before 1.51.0, the Zip implementation calls __iterator_get_unchecked() for the same index more than once when nested. This bug can lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait. En la biblioteca estándar en Rust versiones anteriores a 1.51.0, la implementación de Zip llama a la función __iterator_get_unchecked() para el mismo índice más de una vez cuando está anidado. Este bug puede conllevar a una violación de seguridad de la memoria debido a un requisito de seguridad no cumplido para el rasgo TrustedRandomAccess • https://github.com/rust-lang/rust/pull/80670 https://security.gentoo.org/glsa/202210-09 https://access.redhat.com/security/cve/CVE-2021-28877 https://bugzilla.redhat.com/show_bug.cgi?id=1949204 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •