Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rust vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-16143
An issue exists in the blake2 crate prior to 0.8.1 for Rust. The BLAKE2b and BLAKE2s algorithms, when used with HMAC, produce incorrect results because the block sizes are half of the required sizes.
Blake2 Blake2-rust
NA
CVE-2022-46176
Cargo is a Rust package manager. The Rust Security Response WG was notified that Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. An attacker could exploit this to perform man-in-the-middle (MITM) attacks. This vulnerability has been ...
Rust-lang Cargo
2.1
CVSSv2
CVE-2020-35920
An issue exists in the socket2 crate prior to 0.3.16 for Rust. It has false expectations about the std::net::SocketAddr memory representation.
Rust-lang Socket2
NA
CVE-2022-36113
Cargo is a package manager for the rust programming language. After a package is downloaded, Cargo extracts its source code in the ~/.cargo folder on disk, making it available to the Rust projects it builds. To record when an extraction is successful, Cargo writes "ok" ...
Rust-lang Cargo
1 Github repository
NA
CVE-2022-36114
Cargo is a package manager for the rust programming language. It exists that Cargo did not limit the amount of data extracted from compressed archives. An attacker could upload to an alternate registry a specially crafted package that extracts way more data than its size (also kn...
Rust-lang Cargo
4.3
CVSSv2
CVE-2020-26297
mdBook is a utility to create modern online books from Markdown files and is written in Rust. In mdBook before version 0.4.5, there is a vulnerability affecting the search feature of mdBook, which could allow an malicious user to execute arbitrary JavaScript code on the page. The...
Rust-lang Mdbook
2 Github repositories
4.3
CVSSv2
CVE-2020-36202
An issue exists in the async-h1 crate prior to 2.3.0 for Rust. Request smuggling can occur when used behind a reverse proxy.
Rust-lang Async-h1
1.9
CVSSv2
CVE-2020-35905
An issue exists in the futures-util crate prior to 0.3.7 for Rust. MutexGuard::map can cause a data race for certain closure situations (in safe code).
Rust-lang Future-utils
2.1
CVSSv2
CVE-2020-35908
An issue exists in the futures-util crate prior to 0.3.2 for Rust. FuturesUnordered can lead to data corruption because Sync is mishandled.
Rust-lang Future-utils
7.2
CVSSv2
CVE-2020-35906
An issue exists in the futures-task crate prior to 0.3.6 for Rust. futures_task::waker may cause a use-after-free in a non-static type situation.
Rust-lang Futures-task
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »