Vulnerabilities > Rust Lang > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-24 | CVE-2023-40030 | Cross-site Scripting vulnerability in Rust-Lang Rust. Cargo downloads a Rust project’s dependencies and compiles the project. | 6.1 |
2023-01-11 | CVE-2022-46176 | Improper Verification of Cryptographic Signature vulnerability in Rust-Lang Cargo. Cargo is a Rust package manager. | 5.9 |
2022-09-14 | CVE-2022-36114 | Resource Exhaustion vulnerability in Rust-Lang Cargo. Cargo is a package manager for the rust programming language. | 6.5 |
2022-01-20 | CVE-2022-21658 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products. Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. | 6.3 |
2021-04-11 | CVE-2021-28876 | Improper Handling of Exceptional Conditions vulnerability in multiple products. In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. | 5.3 |
2021-04-11 | CVE-2020-36317 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rust-Lang Rust. In the standard library in Rust before 1.49.0, String::retain() function has a panic safety problem. | 5.0 |
2021-01-04 | CVE-2020-26297 | Cross-site Scripting vulnerability in Rust-Lang Mdbook. mdBook is a utility to create modern online books from Markdown files and is written in Rust. | 4.3 |
2020-12-21 | CVE-2020-26281 | HTTP Request Smuggling vulnerability in Rust-Lang Async-H1. async-h1 is an asynchronous HTTP/1.1 parser for Rust (crates.io). | 5.8 |
2019-07-15 | CVE-2019-1010299 | Information Exposure vulnerability in Rust-Lang Rust. The Rust Programming Language Standard Library 1.18.0 and later is affected by: CWE-200: Information Exposure. | 5.0 |
2018-08-20 | CVE-2018-1000657 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rust-Lang Rust. Rust Programming Language Rust standard library version Commit bfa0e1f58acf1c28d500c34ed258f09ae021893e and later; stable release 1.3.0 and later contains a Buffer Overflow vulnerability in std::collections::vec_deque::VecDeque::reserve() function that can result in Arbitrary code execution, but no proof-of-concept exploit is currently published. | 4.6 |