Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In 2020
CVE-2019-25002
An issue was discovered in the sodiumoxide crate before 0.2.5 for Rust. generichash::Digest::eq compares itself to itself and thus has degenerate security properties.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-12-31
CVE-2019-25003
An issue was discovered in the libsecp256k1 crate before 0.3.1 for Rust. Scalar::check_overflow allows a timing side-channel attack; consequently, attackers can obtain sensitive information.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-12-31
CVE-2019-25004
An issue was discovered in the flatbuffers crate before 0.6.1 for Rust. Arbitrary bytes can be reinterpreted as a bool, defeating soundness.
CVSS Score
9.8
EPSS Score
0.002
Published
2020-12-31
CVE-2019-25005
An issue was discovered in the chacha20 crate before 0.2.3 for Rust. A ChaCha20 counter overflow makes it easier for attackers to determine plaintext.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-12-31
CVE-2019-25006
An issue was discovered in the streebog crate before 0.8.0 for Rust. The Streebog hash function can produce the wrong answer.
CVSS Score
7.5
EPSS Score
0.002
Published
2020-12-31
CVE-2019-25007
An issue was discovered in the streebog crate before 0.8.0 for Rust. The Streebog hash function can cause a panic.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-12-31
CVE-2019-25009
An issue was discovered in the http crate before 0.1.20 for Rust. The HeaderMap::Drain API can use a raw pointer, defeating soundness.
CVSS Score
9.8
EPSS Score
0.005
Published
2020-12-31
CVE-2019-25010
An issue was discovered in the failure crate through 2019-11-13 for Rust. Type confusion can occur when __private_get_type_id__ is overridden.
CVSS Score
9.8
EPSS Score
0.004
Published
2020-12-31
CVE-2020-35857
An issue was discovered in the trust-dns-server crate before 0.18.1 for Rust. DNS MX and SRV null targets are mishandled, causing stack consumption.
CVSS Score
7.5
EPSS Score
0.003
Published
2020-12-31
CVE-2020-35858
An issue was discovered in the prost crate before 0.6.1 for Rust. There is stack consumption via a crafted message, causing a denial of service (e.g., x86) or possibly remote code execution (e.g., ARM).
CVSS Score
9.8
EPSS Score
0.025
Published
2020-12-31


Products
Pricing
Contact Us

Shodan ® - All rights reserved