Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rust vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2022-27943
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.
Gnu Gcc 11.2
Fedoraproject Fedora 36
NA
CVE-2021-32256
An issue exists in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c.
Gnu Binutils 2.36
NA
CVE-2022-36125
It is possible to crash (panic) an application by providing a corrupted data to be read. This issue affects Rust applications using Apache Avro Rust SDK before 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which addresses this issue.
Apache Avro
NA
CVE-2022-35724
It is possible to provide data to be read that leads the reader to loop in cycles endlessly, consuming CPU. This issue affects Rust applications using Apache Avro Rust SDK before 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which address...
Apache Avro
NA
CVE-2022-36124
It is possible for a Reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Rust applications using Apache Avro Rust SDK before 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14....
Apache Avro
7.5
CVSSv2
CVE-2021-28305
An issue exists in the diesel crate prior to 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3_column_name are not followed.
Diesel Diesel
5
CVSSv2
CVE-2020-35894
An issue exists in the obstack crate prior to 0.1.4 for Rust. Unaligned references can occur.
Obstack Project Obstack
5
CVSSv2
CVE-2018-20999
An issue exists in the orion crate prior to 0.11.2 for Rust. reset() calls cause incorrect results.
Orion Project Orion
5
CVSSv2
CVE-2017-18587
An issue exists in the hyper crate prior to 0.9.18 for Rust. It mishandles newlines in headers.
Hyper Hyper
5
CVSSv2
CVE-2020-28247
The lettre library up to and including 0.10.0-alpha for Rust allows arbitrary sendmail option injection via transport/sendmail/mod.rs.
Lettre Lettre 0.7.0
Lettre Lettre
Lettre Lettre 0.10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »