Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rust-lang vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-28878
In the standard library in Rust prior to 1.52.0, the Zip implementation calls __iterator_get_unchecked() more than once for the same index (under certain conditions) when next_back() and next() are used together. This bug could lead to a memory safety violation due to an unmet sa...
Rust-lang Rust
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
9.8
CVSSv3
CVE-2021-28879
In the standard library in Rust prior to 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. This bug can lead to a buffer overflow when a consumed Zip iterator is used again.
Rust-lang Rust
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Fedoraproject Fedora 34
1 Github repository
6.3
CVSSv3
CVE-2022-21658
Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the `std::fs::remove_dir_all` standard library function is vulnerable a race condition enabling symlink...
Rust-lang Rust
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Apple Macos
Apple Tvos
Apple Iphone Os
Apple Ipados
Apple Watchos
3 Github repositories
7.5
CVSSv3
CVE-2022-24713
regex is an implementation of regular expressions for the Rust language. The regex crate features built-in mitigations to prevent denial of service attacks caused by untrusted regexes, or untrusted input matched by trusted regexes. Those (tunable) mitigations already provide sane...
Rust-lang Regex
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Debian Debian Linux 11.0
3 Github repositories
9.8
CVSSv3
CVE-2022-45299
An issue in the IpFile argument of rust-lang webbrowser-rs v0.8.2 allows malicious users to access arbitrary files via supplying a crafted URL.
Webbrowser Project Webbrowser
2 Github repositories
NA
CVE-2024-28854
tls-listener is a rust lang wrapper around a connection listener to support TLS. With the default configuration of tls-listener, a malicious user can open 6.4 `TcpStream`s a second, sending 0 bytes, and can trigger a DoS. The default configuration options make any public service ...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4