Vulnerabilities > Rust Lang
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-04 | CVE-2024-43402 | Argument Injection or Modification vulnerability in Rust-Lang Rust Rust is a programming language. | 8.8 |
| 2023-08-24 | CVE-2023-40030 | Cross-site Scripting vulnerability in Rust-Lang Rust Cargo downloads a Rust project’s dependencies and compiles the project. | 6.1 |
| 2023-08-04 | CVE-2023-38497 | Insecure Preserved Inherited Permissions vulnerability in multiple products Cargo downloads the Rust project’s dependencies and compiles the project. | 7.3 |
| 2023-01-11 | CVE-2022-46176 | Improper Verification of Cryptographic Signature vulnerability in Rust-Lang Cargo Cargo is a Rust package manager. | 5.9 |
| 2022-09-14 | CVE-2022-36113 | Path Traversal vulnerability in Rust-Lang Cargo Cargo is a package manager for the rust programming language. | 8.1 |
| 2022-09-14 | CVE-2022-36114 | Resource Exhaustion vulnerability in Rust-Lang Cargo Cargo is a package manager for the rust programming language. | 6.5 |
| 2022-03-08 | CVE-2022-24713 | regex is an implementation of regular expressions for the Rust language. | 7.5 |
| 2022-01-20 | CVE-2022-21658 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. | 6.3 |
| 2021-08-07 | CVE-2021-29922 | Unspecified vulnerability in Rust-Lang Rust library/std/src/net/parser.rs in Rust before 1.53.0 does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. | 9.1 |
| 2021-04-14 | CVE-2021-31162 | Double Free vulnerability in multiple products In the standard library in Rust before 1.52.0, a double free can occur in the Vec::from_iter function if freeing the element panics. | 9.8 |