CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-43402 – Rust OS Command Injection/Argument Injection vulnerability
https://notcve.org/view.php?id=CVE-2024-43402
04 Sep 2024 — Rust is a programming language. The fix for CVE-2024-24576, where `std::process::Command` incorrectly escaped arguments when invoking batch files on Windows, was incomplete. Prior to Rust version 1.81.0, it was possible to bypass the fix when the batch file name had trailing whitespace or periods (which are ignored and stripped by Windows). To determine whether to apply the `cmd.exe` escaping rules, the original fix for the vulnerability checked whether the command name ended with `.bat` or `.cmd`. At the t... • https://blog.rust-lang.org/2024/04/09/cve-2024-24576.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 10.0EPSS: 80%CPEs: 1EXPL: 10CVE-2024-24576 – Rusts's `std::process::Command` did not properly escape arguments of batch files on Windows
https://notcve.org/view.php?id=CVE-2024-24576
09 Apr 2024 — Rust is a programming language. The Rust Security Response WG was notified that the Rust standard library prior to version 1.77.2 did not properly escape arguments when invoking batch files (with the `bat` and `cmd` extensions) on Windows using the `Command`. An attacker able to control the arguments passed to the spawned process could execute arbitrary shell commands by bypassing the escaping. The severity of this vulnerability is critical for those who invoke batch files on Windows with untrusted argument... • https://github.com/aydinnyunus/CVE-2024-24576-Exploit • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •
CVSS: 7.3EPSS: 0%CPEs: 8EXPL: 3CVE-2022-21658 – Race condition in std::fs::remove_dir_all in rustlang
https://notcve.org/view.php?id=CVE-2022-21658
20 Jan 2022 — Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the `std::fs::remove_dir_all` standard library function is vulnerable a race condition enabling symlink following (CWE-363). An attacker could use this security issue to trick a privileged program into deleting files and directories the attacker couldn't otherwise access or delete. Rust 1.0.0 through Rust 1.58.0 is affected by this v... • https://github.com/sagittarius-a/cve-2022-21658 • CWE-363: Race Condition Enabling Link Following CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 2CVE-2021-29922 – rust: incorrect parsing of extraneous zero characters at the beginning of an IP address string
https://notcve.org/view.php?id=CVE-2021-29922
07 Aug 2021 — library/std/src/net/parser.rs in Rust before 1.53.0 does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. El archivo library/std/src/net/parser.rs en Rust versiones anteriores a 1.53.0, no considera apropiadamente los caracteres cero extraños al principio de una cadena de direcciones IP, lo que (en algunas situaciones) permi... • https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis • CWE-20: Improper Input Validation •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2017-20004
https://notcve.org/view.php?id=CVE-2017-20004
14 Apr 2021 — In the standard library in Rust before 1.19.0, there is a synchronization problem in the MutexGuard object. MutexGuards can be used across threads with any types, allowing for memory safety issues through race conditions. En la biblioteca estándar en Rust versiones anteriores a 119.0, se presenta un problema de sincronización en el objeto MutexGuard. MutexGuards puede ser usada en subprocesos de cualquier tipo, permitiendo problemas de seguridad de la memoria a través de condiciones de carrera • https://github.com/rust-lang/rust/issues/41622 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.2EPSS: 0%CPEs: 4EXPL: 0CVE-2020-36323 – rust: optimization for joining strings can cause uninitialized bytes to be exposed
https://notcve.org/view.php?id=CVE-2020-36323
14 Apr 2021 — In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked. En la biblioteca standard en Rust versiones anteriores a 1.52.0, se presenta una optimización para unir cadenas que pueden causar que los bytes no inicializados queden expuestos (o que el programa se bloquee) si la cadena prestada cambia después de que su longitud es comprobada Rust T... • https://github.com/rust-lang/rust/issues/80335 • CWE-20: Improper Input Validation CWE-134: Use of Externally-Controlled Format String •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2018-25008
https://notcve.org/view.php?id=CVE-2018-25008
14 Apr 2021 — In the standard library in Rust before 1.29.0, there is weak synchronization in the Arc::get_mut method. This synchronization issue can be lead to memory safety issues through race conditions. En la biblioteca estándar en Rust versiones anteriores a 129.0, se presenta una sincronización débil en el método Arc::get_mut. Este problema de sincronización puede conllevar problemas de seguridad de la memoria a través de condiciones de carrera • https://github.com/rust-lang/rust/issues/51780 • CWE-662: Improper Synchronization •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 1CVE-2021-31162 – rust: double free in Vec::from_iter function if freeing the element panics
https://notcve.org/view.php?id=CVE-2021-31162
14 Apr 2021 — In the standard library in Rust before 1.52.0, a double free can occur in the Vec::from_iter function if freeing the element panics. En la biblioteca estándar de Rust versiones anteriores a 1.52.0, se puede producir una doble liberación en la función Vec::from_iter si se libera los pánicos del elemento Rust Toolset provides the Rust programming language compiler rustc, the cargo build tool and dependency manager, the cargo-vendor plugin, and required libraries. Issues addressed include buffer overflow, doub... • https://github.com/rust-lang/rust/issues/83618 • CWE-415: Double Free CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2015-20001
https://notcve.org/view.php?id=CVE-2015-20001
11 Apr 2021 — In the standard library in Rust before 1.2.0, BinaryHeap is not panic-safe. The binary heap is left in an inconsistent state when the comparison of generic elements inside sift_up or sift_down_range panics. This bug leads to a drop of zeroed memory as an arbitrary type, which can result in a memory safety violation. En la biblioteca estándar de Rust versiones anteriores a 1.2.0, BinaryHeap no es a prueba de pánico. La pila del binario es dejada en un estado inconsistente cuando la comparación de elemen... • https://github.com/rust-lang/rust/issues/25842 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36317 – rust: memory safety violation in String::retain()
https://notcve.org/view.php?id=CVE-2020-36317
11 Apr 2021 — In the standard library in Rust before 1.49.0, String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the same string. En la biblioteca estándar en Rust versiones anteriores a 1.49.0, la función String::retener() presenta un problema de seguridad de pánico. Permite una creación de una cadena Rust que no sea UTF-8 c... • https://github.com/rust-lang/rust/issues/78498 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •