Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rust vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2019-1010182
yaml-rust 0.4.0 and previous versions is affected by: Uncontrolled Recursion. The impact is: Denial of service by impossible to catch abort. The component is: YamlLoader::load_from_str function. The attack vector is: Parsing of a malicious YAML document. The fixed version is: 0.4...
Yaml-rust Project Yaml-rust
4.4
CVSSv3
CVE-2021-20332
Specific MongoDB Rust Driver versions can include credentials used by the connection pool to authenticate connections in the monitoring event that is emitted when the pool is created. The user's logging infrastructure could then potentially ingest these events and unexpected...
Mongodb Rust Driver
Mongodb Rust Driver 2.0.0
7.5
CVSSv3
CVE-2019-15544
An issue exists in the protobuf crate prior to 2.6.0 for Rust. Attackers can exhaust all memory via Vec::reserve calls.
Rust-protobuf Project Rust-protobuf
Apache Hbase 2.2.3
7.5
CVSSv3
CVE-2022-35922
Rust-WebSocket is a WebSocket (RFC6455) library written in Rust. In versions before 0.26.5 untrusted websocket connections can cause an out-of-memory (OOM) process abort in a client or a server. The root cause of the issue is during dataframe parsing. Affected versions would allo...
Rust-websocket Project Rust-websocket
Fedoraproject Fedora 35
Fedoraproject Fedora 36
7.5
CVSSv3
CVE-2021-28878
In the standard library in Rust prior to 1.52.0, the Zip implementation calls __iterator_get_unchecked() more than once for the same index (under certain conditions) when next_back() and next() are used together. This bug could lead to a memory safety violation due to an unmet sa...
Rust-lang Rust
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
9.8
CVSSv3
CVE-2021-28879
In the standard library in Rust prior to 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again.
Rust-lang Rust
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
1 Github repository
8.2
CVSSv3
CVE-2020-36323
In the standard library in Rust prior to 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.
Rust-lang Rust
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
1 Github repository
8.1
CVSSv3
CVE-2019-12083
The Rust Programming Language Standard Library 1.34.x prior to 1.34.2 contains a stabilized method which, if overridden, can violate Rust's safety guarantees and cause memory unsafety. If the `Error::type_id` method is overridden then any type can be safely cast to any other...
Rust-lang Rust
Fedoraproject Fedora 29
Fedoraproject Fedora 30
Opensuse Leap 15.1
5.3
CVSSv3
CVE-2021-28876
In the standard library in Rust prior to 1.52.0, the Zip implementation has a panic safety issue. It calls __iterator_get_unchecked() more than once for the same index when the underlying iterator panics (in certain conditions). This bug could lead to a memory safety violation du...
Rust-lang Rust
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
9.8
CVSSv3
CVE-2021-31162
In the standard library in Rust prior to 1.52.0, a double free can occur in the Vec::from_iter function if freeing the element panics.
Rust-lang Rust
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »