Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rust-lang vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2020-35908
An issue exists in the futures-util crate prior to 0.3.2 for Rust. FuturesUnordered can lead to data corruption because Sync is mishandled.
Rust-lang Future-utils
6.1
CVSSv3
CVE-2020-36202
An issue exists in the async-h1 crate prior to 2.3.0 for Rust. Request smuggling can occur when used behind a reverse proxy.
Rust-lang Async-h1
4.7
CVSSv3
CVE-2020-35905
An issue exists in the futures-util crate prior to 0.3.7 for Rust. MutexGuard::map can cause a data race for certain closure situations (in safe code).
Rust-lang Future-utils
5.5
CVSSv3
CVE-2020-35907
An issue exists in the futures-task crate prior to 0.3.5 for Rust. futures_task::noop_waker_ref allows a NULL pointer dereference.
Rust-lang Futures-task
7.5
CVSSv3
CVE-2020-26281
async-h1 is an asynchronous HTTP/1.1 parser for Rust (crates.io). There is a request smuggling vulnerability in async-h1 before version 2.3.0. This vulnerability affects any webserver that uses async-h1 behind a reverse proxy, including all such Tide applications. If the server d...
Rust-lang Async-h1
7.3
CVSSv3
CVE-2023-38497
Cargo downloads the Rust project’s dependencies and compiles the project. Cargo prior to version 0.72.2, bundled with Rust prior to version 1.71.1, did not respect the umask when extracting crate archives on UNIX-like systems. If the user downloaded a crate containing files...
Rust-lang Cargo
Fedoraproject Fedora 38
8.2
CVSSv3
CVE-2020-36323
In the standard library in Rust prior to 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.
Rust-lang Rust
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
1 Github repository
5.3
CVSSv3
CVE-2021-28876
In the standard library in Rust prior to 1.52.0, the Zip implementation has a panic safety issue. It calls __iterator_get_unchecked() more than once for the same index when the underlying iterator panics (in certain conditions). This bug could lead to a memory safety violation du...
Rust-lang Rust
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
7.5
CVSSv3
CVE-2021-28878
In the standard library in Rust prior to 1.52.0, the Zip implementation calls __iterator_get_unchecked() more than once for the same index (under certain conditions) when next_back() and next() are used together. This bug could lead to a memory safety violation due to an unmet sa...
Rust-lang Rust
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
9.8
CVSSv3
CVE-2021-28879
In the standard library in Rust prior to 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again.
Rust-lang Rust
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »