Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rust vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2018-1000657
Rust Programming Language Rust standard library version Commit bfa0e1f58acf1c28d500c34ed258f09ae021893e and later; stable release 1.3.0 and later contains a Buffer Overflow vulnerability in std::collections::vec_deque::VecDeque::reserve() function that can result in Arbitrary cod...
Rust-lang Rust
4.3
CVSSv2
CVE-2017-20004
In the standard library in Rust prior to 1.19.0, there is a synchronization problem in the MutexGuard object. MutexGuards can be used across threads with any types, allowing for memory safety issues through race conditions.
Rust-lang Rust
5
CVSSv2
CVE-2020-36317
In the standard library in Rust prior to 1.49.0, String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encod...
Rust-lang Rust
1 Github repository
7.5
CVSSv2
CVE-2020-36318
In the standard library in Rust prior to 1.49.0, VecDeque::make_contiguous has a bug that pops the same element more than once under certain condition. This bug could result in a use-after-free or double free.
Rust-lang Rust
2 Github repositories
5
CVSSv2
CVE-2021-45712
An issue exists in the rust-embed crate prior to 6.3.0 for Rust. A ../ directory traversal can sometimes occur in debug mode.
Rust-embed Project Rust-embed
4.3
CVSSv2
CVE-2019-1010182
yaml-rust 0.4.0 and previous versions is affected by: Uncontrolled Recursion. The impact is: Denial of service by impossible to catch abort. The component is: YamlLoader::load_from_str function. The attack vector is: Parsing of a malicious YAML document. The fixed version is: 0.4...
Yaml-rust Project Yaml-rust
6.4
CVSSv2
CVE-2020-25016
A safety violation exists in the rgb crate prior to 0.8.20 for Rust, leading to (for example) dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations.
Rgb-rust Project Rgb-rust
6.8
CVSSv2
CVE-2016-10931
An issue exists in the openssl crate prior to 0.9.0 for Rust. There is an SSL/TLS man-in-the-middle vulnerability because certificate verification is off by default and there is no API for hostname verification.
Rust-openssl Project Rust-openssl
1 Github repository
7.5
CVSSv2
CVE-2017-1000430
rust-base64 version <= 0.5.1 is vulnerable to a buffer overflow when calculating the size of a buffer to use when encoding base64 using the 'encode_config_buf' and 'encode_config' functions
Rust-base64 Project Rust-base64
5
CVSSv2
CVE-2018-20993
An issue exists in the yaml-rust crate prior to 0.4.1 for Rust. There is uncontrolled recursion during deserialization.
Yaml-rust Project Yaml-rust
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »