VYPR

Vendor: Rust

Products: 22
CVEs: 9
Across products: 9
Status: Private

Recent CVEs: 9

  • CVE-2018-1000810 · Critical · Oct 8, 2018
    risk 0.64 · cvss 9.8 · epss 0.03

    The Rust Programming Language Standard Library version 1.29.0, 1.28.0, 1.27.2, 1.27.1, 127.0, 126.2, 126.1, 126.0 contains a CWE-680: Integer Overflow to Buffer Overflow vulnerability in the standard library that can result in buffer overflow. This attack appears to be exploitable…

  • CVE-2019-12083 · High · May 13, 2019
    risk 0.53 · cvss 8.1 · epss 0.02

    The Rust Programming Language Standard Library 1.34.x before 1.34.2 contains a stabilized method which, if overridden, can violate Rust's safety guarantees and cause memory unsafety. If the `Error::type_id` method is overridden then any type can be safely cast to any other type,…

  • CVE-2018-1000622 · High · Jul 9, 2018
    risk 0.51 · cvss 7.8 · epss 0.02

    The Rust Programming Language rustdoc versions between 0.8 and 1.27.0 contain a CWE-427: Uncontrolled Search Path Element vulnerability in rustdoc plugins that can result in local code execution as a different user. This attack appears to be exploitable via using the --plugin…

  • CVE-2020-36317 · High · Apr 11, 2021
    risk 0.42 · cvss 7.5 · epss 0.02

    In the standard library in Rust before 1.49.0, the String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8…

  • CVE-2015-20001 · High · Apr 11, 2021
    risk 0.42 · cvss 7.5 · epss 0.01

    In the standard library in Rust before 1.2.0, BinaryHeap is not panic-safe. The binary heap is left in an inconsistent state when the comparison of generic elements inside sift_up or sift_down_range panics. This bug leads to a drop of zeroed memory as an arbitrary type, which…

  • CVE-2024-35313 · High · May 17, 2024
    risk 0.40 · cvss 7.3 · epss 0.00

    In Tor Arti before 1.2.3, circuits sometimes incorrectly have a length of 3 (with full vanguards), aka TROVE-2024-004.

  • CVE-2024-35312 · Medium · May 17, 2024
    risk 0.33 · cvss 6.2 · epss 0.00

    In Tor Arti before 1.2.3, STUB circuits incorrectly have a length of 2 (with lite vanguards), aka TROVE-2024-003.

  • CVE-2019-1010299 · Medium · Jul 15, 2019
    risk 0.00 · cvss 5.3 · epss 0.02

    The Rust Programming Language Standard Library 1.18.0 and later is affected by: CWE-200: Information Exposure. The impact is: Contents of uninitialized memory could be printed to string or to log file. The component is: Debug trait implementation for…

  • CVE-2018-1000657 · High · Aug 20, 2018
    risk 0.00 · cvss 7.8 · epss 0.01

    Rust Programming Language Rust standard library version Commit bfa0e1f58acf1c28d500c34ed258f09ae021893e and later; stable release 1.3.0 and later contains a Buffer Overflow vulnerability in std::collections::vec_deque::VecDeque::reserve() function that can result in Arbitrary…