CVE-2020-35886
An issue was discovered in the arr crate through 2020-08-25 for Rust. An attacker can smuggle non-Sync/Send types across a thread boundary to cause a data race.
Source: CVE-2020-35886
CVE-2020-35886
An issue was discovered in the arr crate through 2020-08-25 for Rust. An attacker can smuggle non-Sync/Send types across a thread boundary to cause a data race.
Source: CVE-2020-35886
CVE-2020-35894
An issue was discovered in the obstack crate before 0.1.4 for Rust. Unaligned references can occur.
Source: CVE-2020-35894
CVE-2020-35879
An issue was discovered in the rulinalg crate through 2020-02-11 for Rust. There are incorrect lifetime-boundary definitions for RowMut::raw_slice and RowMut::raw_slice_mut.
Source: CVE-2020-35879
CVE-2020-35885
An issue was discovered in the alpm-rs crate through 2020-08-20 for Rust. StrcCtx performs improper memory deallocation.
Source: CVE-2020-35885
CVE-2020-35892
An issue was discovered in the simple-slab crate before 0.3.3 for Rust. index() allows an out-of-bounds read.
Source: CVE-2020-35892
CVE-2020-35881
An issue was discovered in the traitobject crate through 2020-06-01 for Rust. It has false expectations about fat pointers, possibly causing memory corruption in, for example, Rust 2.x.
Source: CVE-2020-35881
CVE-2020-35882
An issue was discovered in the rocket crate before 0.4.5 for Rust. LocalRequest::clone creates more than one mutable references to the same object, possibly causing a data race.
Source: CVE-2020-35882
CVE-2020-35893
An issue was discovered in the simple-slab crate before 0.3.3 for Rust. remove() has an off-by-one error, causing memory leakage and a drop of uninitialized memory.
Source: CVE-2020-35893
CVE-2020-35883
An issue was discovered in the mozwire crate through 2020-08-18 for Rust. A ../ directory-traversal situation allows overwriting local files that have .conf at the end of the filename.
Source: CVE-2020-35883
CVE-2020-35862
An issue was discovered in the bitvec crate before 0.17.4 for Rust. BitVec to BitBox conversion leads to a use-after-free or double free.
Source: CVE-2020-35862