Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rust vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-39252
matrix-rust-sdk is an implementation of a Matrix client-server library in Rust, and matrix-sdk-crypto is the Matrix encryption library. Prior to version 0.6, when a user requests a room key from their devices, the software correctly remembers the request. When the user receives a...
Matrix Matrix-rust-sdk
383
VMScore
CVE-2020-36202
An issue exists in the async-h1 crate prior to 2.3.0 for Rust. Request smuggling can occur when used behind a reverse proxy.
Rust-lang Async-h1
641
VMScore
CVE-2020-35906
An issue exists in the futures-task crate prior to 0.3.6 for Rust. futures_task::waker may cause a use-after-free in a non-static type situation.
Rust-lang Futures-task
187
VMScore
CVE-2020-35907
An issue exists in the futures-task crate prior to 0.3.5 for Rust. futures_task::noop_waker_ref allows a NULL pointer dereference.
Rust-lang Futures-task
NA
CVE-2023-50711
vmm-sys-util is a collection of modules that provides helpers and utilities used by multiple rust-vmm components. Starting in version 0.5.0 and prior to version 0.12.0, an issue in the `FamStructWrapper::deserialize` implementation provided by the crate for `vmm_sys_util::fam::Fa...
Rust-vmm Vmm-sys-util
NA
CVE-2022-36086
linked_list_allocator is an allocator usable for no_std systems. Prior to version 0.10.2, the heap initialization methods were missing a minimum size check for the given heap size argument. This could lead to out-of-bound writes when a heap was initialized with a size smaller tha...
Rust-osdev Linked-list-allocator
295
VMScore
CVE-2022-21658
Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the `std::fs::remove_dir_all` standard library function is vulnerable a race condition enabling symlink...
Rust-lang Rust
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Apple Macos
Apple Tvos
Apple Iphone Os
Apple Ipados
Apple Watchos
3 Github repositories
NA
CVE-2023-38497
Cargo downloads the Rust project’s dependencies and compiles the project. Cargo prior to version 0.72.2, bundled with Rust prior to version 1.71.1, did not respect the umask when extracting crate archives on UNIX-like systems. If the user downloaded a crate containing files...
Rust-lang Cargo
Fedoraproject Fedora 38
446
VMScore
CVE-2022-24713
regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those (tunable) mitigations already provide sane...
Rust-lang Regex
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
3 Github repositories
NA
CVE-2024-3296
A timing-based side-channel flaw exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages fo...
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »