Vulnerabilities > Rust Lang > Rust > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-24 | CVE-2023-40030 | Cross-site Scripting vulnerability in Rust-Lang Rust Cargo downloads a Rust project’s dependencies and compiles the project. | 6.1 |
| 2022-01-20 | CVE-2022-21658 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. | 6.3 |
| 2021-04-11 | CVE-2021-28876 | Improper Handling of Exceptional Conditions vulnerability in multiple products In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. | 5.3 |
| 2021-04-11 | CVE-2020-36317 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rust-Lang Rust In the standard library in Rust before 1.49.0, String::retain() function has a panic safety problem. | 5.0 |
| 2019-07-15 | CVE-2019-1010299 | Information Exposure vulnerability in Rust-Lang Rust The Rust Programming Language Standard Library 1.18.0 and later is affected by: CWE-200: Information Exposure. | 5.0 |
| 2018-08-20 | CVE-2018-1000657 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rust-Lang Rust Rust Programming Language Rust standard library version Commit bfa0e1f58acf1c28d500c34ed258f09ae021893e and later; stable release 1.3.0 and later contains a Buffer Overflow vulnerability in std::collections::vec_deque::VecDeque::reserve() function that can result in Arbitrary code execution, but no proof-of-concept exploit is currently published.. | 4.6 |