Vulnerabilities > Rust Lang > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-31 | CVE-2020-35906 | Use After Free vulnerability in Rust-Lang Futures-Task An issue was discovered in the futures-task crate before 0.3.6 for Rust. | 7.8 |
| 2020-12-21 | CVE-2020-26281 | Unspecified vulnerability in Rust-Lang Async-H1 async-h1 is an asynchronous HTTP/1.1 parser for Rust (crates.io). | 7.5 |
| 2019-09-30 | CVE-2019-16760 | Download of Code Without Integrity Check vulnerability in Rust-Lang Rust Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the `package` configuration key. | 7.5 |
| 2019-05-13 | CVE-2019-12083 | Out-of-bounds Write vulnerability in multiple products The Rust Programming Language Standard Library 1.34.x before 1.34.2 contains a stabilized method which, if overridden, can violate Rust's safety guarantees and cause memory unsafety. | 8.1 |
| 2018-08-20 | CVE-2018-1000657 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rust-Lang Rust Rust Programming Language Rust standard library version Commit bfa0e1f58acf1c28d500c34ed258f09ae021893e and later; stable release 1.3.0 and later contains a Buffer Overflow vulnerability in std::collections::vec_deque::VecDeque::reserve() function that can result in Arbitrary code execution, but no proof-of-concept exploit is currently published.. | 7.8 |
| 2018-07-09 | CVE-2018-1000622 | Uncontrolled Search Path Element vulnerability in Rust-Lang Rust The Rust Programming Language rustdoc version Between 0.8 and 1.27.0 contains a CWE-427: Uncontrolled Search Path Element vulnerability in rustdoc plugins that can result in local code execution as a different user. | 7.8 |