Categories ⋅ Keywords ⋅ Packages Advisories in category 'memory-exposure' July 18, 2024 RUSTSEC-2024-0354: Vulnerability in vodozemac Usage of non-constant time base64 decoder could lead to leakage of secret key material May 20, 2024 RUSTSEC-2024-0342: Vulnerability in vodozemac Degraded secret zeroization capabilities February 28, 2024 INFO RUSTSEC-2024-0017: Unsoundness in cassandra-cpp Non-idiomatic use of iterators leads to use after free January 23, 2024 INFO RUSTSEC-2024-0007: Unsoundness in rust-i18n-support Use-after-free when setting the locale September 6, 2023 LOW RUSTSEC-2023-0056: Unsoundness in vm-memory Default functions in VolatileMemory trait lack bounds checks, potentially leading to out-of-bounds memory accesses June 20, 2023 RUSTSEC-2023-0044: Vulnerability in openssl openssl X509VerifyParamRef::set_host buffer over-read March 25, 2023 MEDIUM RUSTSEC-2023-0030: Vulnerability in versionize Versionize::deserialize implementation for FamStructWrapper<T> is lacking bound checks, potentially leading to out of bounds memory accesses February 25, 2023 INFO RUSTSEC-2023-0016: Unsoundness in partial_sort Possible out-of-bounds read in release mode February 7, 2023 RUSTSEC-2023-0006: Vulnerability in openssl-src X.400 address type confusion in X.509 GeneralName February 7, 2023 RUSTSEC-2023-0008: Vulnerability in openssl-src X.509 Name Constraints Read Buffer Overflow February 3, 2023 INFO RUSTSEC-2023-0005: Unsoundness in tokio tokio::io::ReadHalf<T>::unsplit is Unsound January 14, 2023 INFO RUSTSEC-2022-0078: Unsoundness in bumpalo Use-after-free due to a lifetime error in Vec::into_iter() January 12, 2023 HIGH RUSTSEC-2022-0076: Vulnerability in wasmtime Bug in Wasmtime implementation of pooling instance allocator January 12, 2023 RUSTSEC-2022-0075: Vulnerability in wasmtime Bug in pooling instance allocator November 30, 2022 RUSTSEC-2022-0068: Vulnerability in capnp out-of-bounds read possible when setting list-of-pointers August 17, 2022 INFO RUSTSEC-2022-0049: Unsoundness in iana-time-zone Use after free in MacOS / iOS implementation August 13, 2022 INFO RUSTSEC-2021-0138: Unsoundness in mz-avro Incorrect use of set_len allows for un-initialized memory August 8, 2022 RUSTSEC-2018-0022: Vulnerability in temporary Use of uninitialized memory in temporary May 23, 2022 RUSTSEC-2022-0028: Vulnerability in neon Use after free in Neon external buffers April 27, 2022 INFO RUSTSEC-2022-0017: Unsoundness in array-macro array! macro is unsound when its length is impure constant March 31, 2022 RUSTSEC-2022-0016: Vulnerability in wasmtime Use after free with externrefs and epoch interruption in Wasmtime February 18, 2022 INFO RUSTSEC-2022-0010: Unsoundness in enum-map enum_map macro can cause UB when Enum trait is incorrectly implemented January 13, 2022 RUSTSEC-2022-0002: Vulnerability in dashmap Unsoundness in dashmap references September 29, 2021 RUSTSEC-2021-0117: Vulnerability in arrow DecimalArray does not perform bound checks on accessing values and offsets September 29, 2021 RUSTSEC-2021-0116: Vulnerability in arrow BinaryArray does not perform bound checks on reading values and offsets September 29, 2021 RUSTSEC-2021-0118: Vulnerability in arrow FixedSizeBinaryArray does not perform bound checks on accessing values and offsets September 18, 2021 INFO RUSTSEC-2021-0112: Unsoundness in tectonic_xdv Read on uninitialized buffer may cause UB ('tectonic_xdv' crate) September 18, 2021 RUSTSEC-2021-0111: Vulnerability in tremor-script Memory Safety Issue when using patch or merge on state and assign the result back to state September 17, 2021 MEDIUM RUSTSEC-2021-0110: Vulnerability in wasmtime Multiple Vulnerabilities in Wasmtime August 21, 2021 INFO RUSTSEC-2021-0085: Unsoundness in binjs_io 'Read' on uninitialized memory may cause UB August 21, 2021 INFO RUSTSEC-2021-0086: Unsoundness in flumedb Read on uninitialized buffer may cause UB ( read_entry() ) August 21, 2021 INFO RUSTSEC-2021-0084: Unsoundness in bronzedb-protocol Read on uninitialized buffer can cause UB (impl of ReadKVExt) August 21, 2021 INFO RUSTSEC-2021-0090: Unsoundness in ash Reading on uninitialized memory may cause UB ( util::read_spv() ) August 21, 2021 INFO RUSTSEC-2020-0154: Unsoundness in buffoon InputStream::read_exact : Read on uninitialized buffer causes UB August 21, 2021 INFO RUSTSEC-2020-0155: Unsoundness in acc_reader Read on uninitialized buffer in fill_buf() and read_up_to() August 21, 2021 INFO RUSTSEC-2020-0153: Unsoundness in bite read on uninitialized buffer may cause UB (bite::read::BiteReadExpandedExt::read_framed_max) August 21, 2021 INFO RUSTSEC-2021-0088: Unsoundness in csv-sniffer Read on uninitialized memory may cause UB (fn preamble_skipcount()) August 21, 2021 INFO RUSTSEC-2021-0095: Unsoundness in mopa mopa is technically unsound August 21, 2021 INFO RUSTSEC-2021-0091: Unsoundness in gfx-auxil Reading on uninitialized buffer may cause UB ( gfx_auxil::read_spirv() ) August 21, 2021 INFO RUSTSEC-2021-0094: Unsoundness in rdiff Window can read out of bounds if Read instance returns more bytes than buffer size August 21, 2021 INFO RUSTSEC-2021-0087: Unsoundness in columnar columnar: Read on uninitialized buffer may cause UB (ColumnarReadExt::read_typed_vec()) August 21, 2021 RUSTSEC-2021-0092: Vulnerability in messagepack-rs Deserialization functions pass uninitialized memory to user-provided Read July 6, 2021 CVE-2019-1010299: Vulnerability in std vec_deque::Iter has unsound Debug implementation July 6, 2021 CVE-2020-36323: Vulnerability in std API soundness issue in join() implementation of [Borrow<str>] June 6, 2021 RUSTSEC-2021-0070: Vulnerability in nalgebra VecStorage Deserialize Allows Violation of Length Invariant May 22, 2021 HIGH RUSTSEC-2021-0067: Vulnerability in cranelift-codegen Memory access due to code generation flaw in Cranelift module April 29, 2021 HIGH RUSTSEC-2021-0054: Vulnerability in rkyv Archives may contain uninitialized memory April 2, 2021 CRITICAL RUSTSEC-2021-0051: Vulnerability in outer_cgi KeyValueReader passes uninitialized memory to Read instance March 26, 2021 HIGH RUSTSEC-2021-0043: Vulnerability in uu_od PartialReader passes uninitialized memory to user-provided Read March 1, 2021 HIGH RUSTSEC-2021-0029: Vulnerability in truetype Tape::take_bytes exposes uninitialized memory to a user-provided Read February 27, 2021 HIGH RUSTSEC-2020-0145: Unsoundness in heapless Use-after-free when cloning a partially consumed Vec iterator February 4, 2021 RUSTSEC-2021-0019: Vulnerability in xcb Multiple soundness issues January 31, 2021 HIGH RUSTSEC-2021-0016: Vulnerability in ms3d IoReader::read(): user-provided Read on uninitialized buffer may cause UB January 31, 2021 HIGH RUSTSEC-2021-0017: Vulnerability in postscript Read on uninitialized buffer may cause UB (impl Walue for Vec<u8>) January 30, 2021 CRITICAL RUSTSEC-2021-0015: Vulnerability in calamine Sectors::get accesses unclaimed/uninitialized memory January 27, 2021 HIGH RUSTSEC-2021-0014: Vulnerability in marc Record::read : Custom Read on uninitialized buffer may cause UB January 27, 2021 CRITICAL RUSTSEC-2020-0123: Vulnerability in libp2p-deflate Contents of uninitialized memory exposed in DeflateOutput's AsyncRead implementation January 24, 2021 CRITICAL RUSTSEC-2021-0012: Vulnerability in cdr Reading uninitialized memory can cause UB (Deserializer::read_vec) January 20, 2021 CRITICAL RUSTSEC-2021-0008: Vulnerability in bra reading on uninitialized buffer can cause UB (impl<R> BufRead for GreedyAccessReader<R>) January 19, 2021 HIGH RUSTSEC-2021-0007: Vulnerability in av-data Frame::copy_from_raw_parts can lead to segfault without unsafe October 1, 2020 HIGH RUSTSEC-2020-0006: Vulnerability in bumpalo Flaw in realloc allows reading unknown memory October 1, 2020 CRITICAL RUSTSEC-2020-0004: Vulnerability in lucet-runtime-internals sigstack allocation bug can cause memory corruption or leak October 1, 2020 CRITICAL RUSTSEC-2020-0021: Vulnerability in rio rio allows a use-after-free buffer access when a future is leaked