Known Vulnerabilities for products from Rust-lang
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Rust-lang".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-24713 | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2022-03-08 | 2023-11-07 |
| CVE-2022-21658 | Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurren... | 6.3 - MEDIUM | 2022-01-20 | 2023-11-07 |
| CVE-2021-31162 | In the standard library in Rust before 1.52.0, a double free can occur in the Vec::from_iter function if freeing the element ... | 9.8 - CRITICAL | 2021-04-14 | 2023-11-07 |
| CVE-2021-29922 | library/std/src/net/parser.rs in Rust before 1.53.0 does not properly consider extraneous zero characters at the beginning of... | 9.1 - CRITICAL | 2021-08-07 | 2022-11-07 |
| CVE-2021-28879 | In the standard library in Rust before 1.52.0, the Zip implementation can report an incorrect size due to an integer overflow... | 9.8 - CRITICAL | 2021-04-11 | 2023-11-07 |
| CVE-2021-28878 | In the standard library in Rust before 1.52.0, the Zip implementation calls __iterator_get_unchecked() more than once for the... | 7.5 - HIGH | 2021-04-11 | 2023-11-07 |
| CVE-2021-28877 | In the standard library in Rust before 1.51.0, the Zip implementation calls __iterator_get_unchecked() for the same index mor... | 7.5 - HIGH | 2021-04-11 | 2022-11-03 |
| CVE-2021-28876 | In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls __iterator_get_unche... | 5.3 - MEDIUM | 2021-04-11 | 2023-11-07 |
| CVE-2021-28875 | In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value from Read in an unsafe contex... | 7.5 - HIGH | 2021-04-11 | 2022-11-03 |
| CVE-2020-36323 | In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized byte... | 8.2 - HIGH | 2021-04-14 | 2023-11-07 |
| CVE-2020-36318 | In the standard library in Rust before 1.49.0, VecDeque::make_contiguous has a bug that pops the same element more than once ... | 9.8 - CRITICAL | 2021-04-11 | 2021-04-26 |
| CVE-2020-36317 | In the standard library in Rust before 1.49.0, String::retain() function has a panic safety problem. It allows creation of a ... | 7.5 - HIGH | 2021-04-11 | 2022-06-28 |
| CVE-2020-36202 | An issue was discovered in the async-h1 crate before 2.3.0 for Rust. Request smuggling can occur when used behind a reverse p... | 6.1 - MEDIUM | 2021-01-26 | 2021-02-10 |
| CVE-2020-35920 | An issue was discovered in the socket2 crate before 0.3.16 for Rust. It has false expectations about the std::net::SocketAddr... | 5.5 - MEDIUM | 2020-12-31 | 2021-01-06 |
| CVE-2020-35908 | An issue was discovered in the futures-util crate before 0.3.2 for Rust. FuturesUnordered can lead to data corruption because... | 5.5 - MEDIUM | 2020-12-31 | 2021-01-06 |
| CVE-2020-35907 | An issue was discovered in the futures-task crate before 0.3.5 for Rust. futures_task::noop_waker_ref allows a NULL pointer d... | 5.5 - MEDIUM | 2020-12-31 | 2021-01-06 |
| CVE-2020-35906 | An issue was discovered in the futures-task crate before 0.3.6 for Rust. futures_task::waker may cause a use-after-free in a ... | 7.8 - HIGH | 2020-12-31 | 2021-01-06 |
| CVE-2020-35905 | An issue was discovered in the futures-util crate before 0.3.7 for Rust. MutexGuard::map can cause a data race for certain cl... | 4.7 - MEDIUM | 2020-12-31 | 2021-01-06 |
| CVE-2020-26297 | mdBook is a utility to create modern online books from Markdown files and is written in Rust. In mdBook before version 0.4.5,... | 6.1 - MEDIUM | 2021-01-04 | 2021-01-14 |
| CVE-2020-26281 | async-h1 is an asynchronous HTTP/1.1 parser for Rust (crates.io). There is a request smuggling vulnerability in async-h1 befo... | 7.5 - HIGH | 2020-12-21 | 2021-02-16 |
Known software with vulnerabilities from Rust-lang
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Rust-lang | Async-h1 | - |
| Application | Rust-lang | Futures-task | - |
| Application | Rust-lang | Future-utils | - |
| Application | Rust-lang | Mdbook | - |
| Application | Rust-lang | Rust | 0.1 |
| Application | Rust-lang | Socket2 | - |