rpm package
opensuse/rust&distro=openSUSE Leap 15.1
pkg:rpm/opensuse/rust&distro=openSUSE%20Leap%2015.1
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-1967 | — | < 1.43.1-lp151.5.13.1 | 1.43.1-lp151.5.13.1 | Apr 21, 2020 | Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognise | ||
| CVE-2019-12083 | — | < 1.36.0-lp151.5.4.1 | 1.36.0-lp151.5.4.1 | May 13, 2019 | The Rust Programming Language Standard Library 1.34.x before 1.34.2 contains a stabilized method which, if overridden, can violate Rust's safety guarantees and cause memory unsafety. If the `Error::type_id` method is overridden then any type can be safely cast to any other type, | ||
| CVE-2018-1000622 | — | < 1.36.0-lp151.5.4.1 | 1.36.0-lp151.5.4.1 | Jul 9, 2018 | The Rust Programming Language rustdoc version Between 0.8 and 1.27.0 contains a CWE-427: Uncontrolled Search Path Element vulnerability in rustdoc plugins that can result in local code execution as a different user. This attack appear to be exploitable via using the --plugin flag |
- CVE-2020-1967Apr 21, 2020affected < 1.43.1-lp151.5.13.1fixed 1.43.1-lp151.5.13.1
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognise
- CVE-2019-12083May 13, 2019affected < 1.36.0-lp151.5.4.1fixed 1.36.0-lp151.5.4.1
The Rust Programming Language Standard Library 1.34.x before 1.34.2 contains a stabilized method which, if overridden, can violate Rust's safety guarantees and cause memory unsafety. If the `Error::type_id` method is overridden then any type can be safely cast to any other type,
- CVE-2018-1000622Jul 9, 2018affected < 1.36.0-lp151.5.4.1fixed 1.36.0-lp151.5.4.1
The Rust Programming Language rustdoc version Between 0.8 and 1.27.0 contains a CWE-427: Uncontrolled Search Path Element vulnerability in rustdoc plugins that can result in local code execution as a different user. This attack appear to be exploitable via using the --plugin flag