Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rust vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2022-27943
libiberty/rust-demangle.c in GNU GCC 11.2 allows stack consumption in demangle_const, as demonstrated by nm-new.
Gnu Gcc 11.2
Fedoraproject Fedora 36
6.5
CVSSv3
CVE-2021-32256
An issue exists in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c.
Gnu Binutils 2.36
7.5
CVSSv3
CVE-2022-36125
It is possible to crash (panic) an application by providing a corrupted data to be read. This issue affects Rust applications using Apache Avro Rust SDK before 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which addresses this issue.
Apache Avro
7.5
CVSSv3
CVE-2022-35724
It is possible to provide data to be read that leads the reader to loop in cycles endlessly, consuming CPU. This issue affects Rust applications using Apache Avro Rust SDK before 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14.0 which address...
Apache Avro
7.5
CVSSv3
CVE-2022-36124
It is possible for a Reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Rust applications using Apache Avro Rust SDK before 0.14.0 (previously known as avro-rs). Users should update to apache-avro version 0.14....
Apache Avro
9.8
CVSSv3
CVE-2021-28305
An issue exists in the diesel crate prior to 1.4.6 for Rust. There is a use-after-free in the SQLite backend because the semantics of sqlite3_column_name are not followed.
Diesel Diesel
7.5
CVSSv3
CVE-2020-35894
An issue exists in the obstack crate prior to 0.1.4 for Rust. Unaligned references can occur.
Obstack Project Obstack
7.5
CVSSv3
CVE-2018-20999
An issue exists in the orion crate prior to 0.11.2 for Rust. reset() calls cause incorrect results.
Orion Project Orion
5.3
CVSSv3
CVE-2017-18587
An issue exists in the hyper crate prior to 0.9.18 for Rust. It mishandles newlines in headers.
Hyper Hyper
5.3
CVSSv3
CVE-2020-28247
The lettre library up to and including 0.10.0-alpha for Rust allows arbitrary sendmail option injection via transport/sendmail/mod.rs.
Lettre Lettre 0.7.0
Lettre Lettre
Lettre Lettre 0.10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »