Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rust vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-35881
An issue exists in the traitobject crate through 2020-06-01 for Rust. It has false expectations about fat pointers, possibly causing memory corruption in, for example, Rust 2.x.
Traitobject Project Traitobject
384
VMScore
CVE-2022-27943
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.
Gnu Gcc 11.2
Fedoraproject Fedora 36
NA
CVE-2021-32256
An issue exists in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c.
Gnu Binutils 2.36
NA
CVE-2022-36125
It is possible to crash (panic) an application by providing a corrupted data to be read. This issue affects Rust applications using Apache Avro Rust SDK before 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which addresses this issue.
Apache Avro
NA
CVE-2022-35724
It is possible to provide data to be read that leads the reader to loop in cycles endlessly, consuming CPU. This issue affects Rust applications using Apache Avro Rust SDK before 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which address...
Apache Avro
NA
CVE-2022-36124
It is possible for a Reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Rust applications using Apache Avro Rust SDK before 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14....
Apache Avro
668
VMScore
CVE-2021-28305
An issue exists in the diesel crate prior to 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3_column_name are not followed.
Diesel Diesel
445
VMScore
CVE-2020-35894
An issue exists in the obstack crate prior to 0.1.4 for Rust. Unaligned references can occur.
Obstack Project Obstack
446
VMScore
CVE-2020-28247
The lettre library up to and including 0.10.0-alpha for Rust allows arbitrary sendmail option injection via transport/sendmail/mod.rs.
Lettre Lettre 0.7.0
Lettre Lettre
Lettre Lettre 0.10.0
445
VMScore
CVE-2018-20999
An issue exists in the orion crate prior to 0.11.2 for Rust. reset() calls cause incorrect results.
Orion Project Orion
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »