|
199421
|
9.8 |
CRITICAL
Network
|
arr_project
|
arr
|
An issue was discovered in the arr crate through 2020-08-25 for Rust. Uninitialized memory is dropped by Array::new_from_template.
|
CWE-908
Use of Uninitialized Resource
|
CVE-2020-35888
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199422
|
9.8 |
CRITICAL
Network
|
arr_project
|
arr
|
An issue was discovered in the arr crate through 2020-08-25 for Rust. There is a buffer overflow in Index and IndexMut.
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-35887
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199423
|
4.7 |
MEDIUM
Local
|
arr_project
|
arr
|
An issue was discovered in the arr crate through 2020-08-25 for Rust. An attacker can smuggle non-Sync/Send types across a thread boundary to cause a data race.
|
CWE-362
Race Condition
|
CVE-2020-35886
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199424
|
9.8 |
CRITICAL
Network
|
alpm-rs_project
|
alpm-rs
|
An issue was discovered in the alpm-rs crate through 2020-08-20 for Rust. StrcCtx performs improper memory deallocation.
|
CWE-415
Double Free
|
CVE-2020-35885
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199425
|
6.5 |
MEDIUM
Network
|
tiny-http_project
fedoraproject
|
tiny-http
fedora
|
An issue was discovered in the tiny_http crate through 2020-06-16 for Rust. HTTP Request smuggling can occur via a malformed Transfer-Encoding header.
|
CWE-444
HTTP Request Smuggling
|
CVE-2020-35884
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199426
|
9.1 |
CRITICAL
Network
|
mozwire_project
|
mozwire
|
An issue was discovered in the mozwire crate through 2020-08-18 for Rust. A ../ directory-traversal situation allows overwriting local files that have .conf at the end of the filename.
|
CWE-22
Path Traversal
|
CVE-2020-35883
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199427
|
8.1 |
HIGH
Network
|
rocket
|
rocket
|
An issue was discovered in the rocket crate before 0.4.5 for Rust. LocalRequest::clone creates more than one mutable references to the same object, possibly causing a data race.
|
CWE-362
Race Condition
|
CVE-2020-35882
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199428
|
9.8 |
CRITICAL
Network
|
traitobject_project
|
traitobject
|
An issue was discovered in the traitobject crate through 2020-06-01 for Rust. It has false expectations about fat pointers, possibly causing memory corruption in, for example, Rust 2.x.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-35881
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199429
|
9.8 |
CRITICAL
Network
|
bigint_project
|
bigint
|
An issue was discovered in the bigint crate through 2020-05-07 for Rust. It allows a soundness violation.
|
NVD-CWE-noinfo
|
CVE-2020-35880
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199430
|
9.8 |
CRITICAL
Network
|
rulinalg_project
|
rulinalg
|
An issue was discovered in the rulinalg crate through 2020-02-11 for Rust. There are incorrect lifetime-boundary definitions for RowMut::raw_slice and RowMut::raw_slice_mut.
|
NVD-CWE-noinfo
|
CVE-2020-35879
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
