Security Vulnerabilities - CVEs Published In 2020
An issue was discovered in the simple-slab crate before 0.3.3 for Rust. remove() has an off-by-one error, causing memory leakage and a drop of uninitialized memory.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-12-31
An issue was discovered in the obstack crate before 0.1.4 for Rust. Unaligned references can occur.
CVSS Score
7.5
EPSS Score
0.002
Published
2020-12-31
An issue was discovered in the bitvec crate before 0.17.4 for Rust. BitVec to BitBox conversion leads to a use-after-free or double free.
CVSS Score
9.8
EPSS Score
0.005
Published
2020-12-31
An issue was discovered in the hyper crate before 0.12.34 for Rust. HTTP request smuggling can occur. Remote code execution can occur in certain situations with an HTTP server on the loopback interface.
CVSS Score
9.8
EPSS Score
0.02
Published
2020-12-31
An issue was discovered in the flatbuffers crate through 2020-04-11 for Rust. read_scalar (and read_scalar_at) can transmute values without unsafe blocks.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-12-31
An issue was discovered in the os_str_bytes crate before 2.0.0 for Rust. It has false expectations about char::from_u32_unchecked behavior.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-12-31
An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated via VTab / VTabCursor.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-12-31
An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated via create_module.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-12-31
An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated via UnlockNotification.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-12-31
An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated because rusqlite::trace::log mishandles format strings.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-12-31