Security Vulnerabilities - CVEs Published In 2020
An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated via an Auxdata API use-after-free.
CVSS Score
9.8
EPSS Score
0.005
Published
2020-12-31
An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated via an Auxdata API data race.
CVSS Score
8.1
EPSS Score
0.003
Published
2020-12-31
An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated via the repr(Rust) type.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-12-31
An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated because sessions.rs has a use-after-free.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-12-31
An issue was discovered in the internment crate through 2020-05-28 for Rust. ArcIntern::drop has a race condition and resultant use-after-free.
CVSS Score
8.1
EPSS Score
0.004
Published
2020-12-31
An issue was discovered in the tokio-rustls crate before 0.13.1 for Rust. Excessive memory usage may occur when data arrives quickly.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-12-31
An issue was discovered in the rio crate through 2020-05-11 for Rust. A struct can be leaked, allowing attackers to obtain sensitive information, cause a use-after-free, or cause a data race.
CVSS Score
9.8
EPSS Score
0.005
Published
2020-12-31
An issue was discovered in the ozone crate through 2020-07-04 for Rust. Memory safety is violated because of out-of-bounds access.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-12-31
An issue was discovered in the ozone crate through 2020-07-04 for Rust. Memory safety is violated because of the dropping of uninitialized memory.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-12-31
An issue was discovered in the serde_cbor crate before 0.10.2 for Rust. The CBOR deserializer can cause stack consumption via nested semantic tags.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-12-31