Vulnerabilities > Rust Lang > Rust > High

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ATTACK VECTOR | COMPLEXITY | VENDORS | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2024-09-04 | CVE-2024-43402 | Argument Injection or Modification vulnerability in Rust-Lang Rust | Rust is a programming language. | local | low | rust-lang | CWE-88 | 8.8 |
| 2021-04-14 | CVE-2020-36323 | Use of Externally-Controlled Format String vulnerability in multiple products | In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked. | network | low | rust-lang, fedoraproject | CWE-134 | 8.2 |
| 2021-04-11 | CVE-2021-28878 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products | In the standard library in Rust before 1.52.0, the Zip implementation calls __iterator_get_unchecked() more than once for the same index (under certain conditions) when next_back() and next() are used together. | network | low | rust-lang, fedoraproject | CWE-119 | 7.5 |
| 2021-04-11 | CVE-2021-28877 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rust-Lang Rust | In the standard library in Rust before 1.51.0, the Zip implementation calls __iterator_get_unchecked() for the same index more than once when nested. | network | low | rust-lang | CWE-119 | 7.5 |
| 2021-04-11 | CVE-2021-28875 | Unchecked Return Value vulnerability in Rust-Lang Rust | In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value from Read in an unsafe context. | network | low | rust-lang | CWE-252 | 7.5 |
| 2021-04-11 | CVE-2020-36318 | Use After Free vulnerability in Rust-Lang Rust 1.48.0 | In the standard library in Rust before 1.49.0, VecDeque::make_contiguous has a bug that pops the same element more than once under certain conditions. | network | low | rust-lang | CWE-416 | 7.5 |
| 2019-09-30 | CVE-2019-16760 | Download of Code Without Integrity Check vulnerability in Rust-Lang Rust | Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the `package` configuration key. | network | low | rust-lang | CWE-494 | 7.5 |
| 2019-05-13 | CVE-2019-12083 | Out-of-bounds Write vulnerability in multiple products | The Rust Programming Language Standard Library 1.34.x before 1.34.2 contains a stabilized method which, if overridden, can violate Rust's safety guarantees and cause memory unsafety. | network | high | rust-lang, fedoraproject, opensuse | CWE-787 | 8.1 |
| 2018-07-09 | CVE-2018-1000622 | Uncontrolled Search Path Element vulnerability in Rust-Lang Rust | The Rust Programming Language rustdoc versions between 0.8 and 1.27.0 contain a CWE-427: Uncontrolled Search Path Element vulnerability in rustdoc plugins that can result in local code execution as a different user. | local | low | rust-lang | CWE-427 | 7.8 |