Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Rust
(Rust\-Lang)| Repositories | https://github.com/rust-lang/rust |
| #Vulnerabilities | 23 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-04-10 | CVE-2024-3566 | A command inject vulnerability allows an attacker to perform command injection on Windows applications that indirectly depend on the CreateProcess function when the specific conditions are satisfied. | Go, Process_library, Node\.js, Php, Rust, Yt\-Dlp | 9.8 | ||
| 2021-04-11 | CVE-2020-36317 | In the standard library in Rust before 1.49.0, String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the same string. | Rust | 7.5 | ||
| 2021-04-11 | CVE-2020-36318 | In the standard library in Rust before 1.49.0, VecDeque::make_contiguous has a bug that pops the same element more than once under certain condition. This bug could result in a use-after-free or double free. | Rust | 9.8 |