Vulnerabilities > Rust Lang > Rust > 1.8.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-01-20 | CVE-2022-21658 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. | 6.3 |
| 2021-08-07 | CVE-2021-29922 | Unspecified vulnerability in Rust-Lang Rust library/std/src/net/parser.rs in Rust before 1.53.0 does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. | 9.1 |
| 2021-04-14 | CVE-2020-36323 | Use of Externally-Controlled Format String vulnerability in multiple products In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked. | 8.2 |
| 2021-04-11 | CVE-2021-28879 | Integer Overflow or Wraparound vulnerability in multiple products In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow. | 9.8 |
| 2021-04-11 | CVE-2021-28878 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In the standard library in Rust before 1.52.0, the Zip implementation calls __iterator_get_unchecked() more than once for the same index (under certain conditions) when next_back() and next() are used together. | 7.5 |
| 2021-04-11 | CVE-2021-28877 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rust-Lang Rust In the standard library in Rust before 1.51.0, the Zip implementation calls __iterator_get_unchecked() for the same index more than once when nested. | 7.5 |
| 2021-04-11 | CVE-2021-28876 | Improper Handling of Exceptional Conditions vulnerability in multiple products In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. | 5.3 |
| 2021-04-11 | CVE-2021-28875 | Unchecked Return Value vulnerability in Rust-Lang Rust In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value from Read in an unsafe context. | 7.5 |
| 2021-04-11 | CVE-2020-36317 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rust-Lang Rust In the standard library in Rust before 1.49.0, String::retain() function has a panic safety problem. | 5.0 |
| 2019-09-30 | CVE-2019-16760 | Download of Code Without Integrity Check vulnerability in Rust-Lang Rust Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the `package` configuration key. | 7.5 |