Vulnerabilities > Rust Lang
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-12-31 | CVE-2020-35907 | NULL Pointer Dereference vulnerability in Rust-Lang Futures-Task An issue was discovered in the futures-task crate before 0.3.5 for Rust. | 2.1 |
2020-12-31 | CVE-2020-35906 | Use After Free vulnerability in Rust-Lang Futures-Task An issue was discovered in the futures-task crate before 0.3.6 for Rust. | 7.2 |
2020-12-31 | CVE-2020-35905 | Race Condition vulnerability in Rust-Lang Future-Utils An issue was discovered in the futures-util crate before 0.3.7 for Rust. | 1.9 |
2020-12-21 | CVE-2020-26281 | HTTP Request Smuggling vulnerability in Rust-Lang Async-H1 async-h1 is an asynchronous HTTP/1.1 parser for Rust (crates.io). | 5.8 |
2019-09-30 | CVE-2019-16760 | Download of Code Without Integrity Check vulnerability in Rust-Lang Rust Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the `package` configuration key. | 7.5 |
2019-07-15 | CVE-2019-1010299 | Information Exposure vulnerability in Rust-Lang Rust The Rust Programming Language Standard Library 1.18.0 and later is affected by: CWE-200: Information Exposure. | 5.0 |
2019-05-13 | CVE-2019-12083 | Out-of-bounds Write vulnerability in multiple products The Rust Programming Language Standard Library 1.34.x before 1.34.2 contains a stabilized method which, if overridden, can violate Rust's safety guarantees and cause memory unsafety. | 8.1 |
2018-10-08 | CVE-2018-1000810 | Integer Overflow or Wraparound vulnerability in Rust-Lang Rust The Rust Programming Language Standard Library version 1.29.0, 1.28.0, 1.27.2, 1.27.1, 127.0, 126.2, 126.1, 126.0 contains a CWE-680: Integer Overflow to Buffer Overflow vulnerability in standard library that can result in buffer overflow. | 9.8 |
2018-08-20 | CVE-2018-1000657 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rust-Lang Rust Rust Programming Language Rust standard library version Commit bfa0e1f58acf1c28d500c34ed258f09ae021893e and later; stable release 1.3.0 and later contains a Buffer Overflow vulnerability in std::collections::vec_deque::VecDeque::reserve() function that can result in Arbitrary code execution, but no proof-of-concept exploit is currently published.. | 4.6 |
2018-07-09 | CVE-2018-1000622 | Uncontrolled Search Path Element vulnerability in Rust-Lang Rust The Rust Programming Language rustdoc version Between 0.8 and 1.27.0 contains a CWE-427: Uncontrolled Search Path Element vulnerability in rustdoc plugins that can result in local code execution as a different user. | 7.8 |