CVE-2019-25003
An issue was discovered in the libsecp256k1 crate before 0.3.1 for Rust. Scalar::check_overflow allows a timing side-channel attack; consequently, attackers can obtain sensitive information.
Source: CVE-2019-25003
[월:] 2020년 12월
CVE-2018-25001
CVE-2018-25001
An issue was discovered in the libpulse-binding crate before 2.5.0 for Rust. proplist::Iterator can cause a use-after-free.
Source: CVE-2018-25001
CVE-2020-35921
CVE-2020-35921
An issue was discovered in the miow crate before 0.3.6 for Rust. It has false expectations about the std::net::SocketAddr memory representation.
Source: CVE-2020-35921
CVE-2020-35920
CVE-2020-35920
An issue was discovered in the socket2 crate before 0.3.16 for Rust. It has false expectations about the std::net::SocketAddr memory representation.
Source: CVE-2020-35920
CVE-2020-35923
CVE-2020-35923
An issue was discovered in the ordered-float crate before 1.1.1 and 2.x before 2.0.1 for Rust. A NotNan value can contain a NaN.
Source: CVE-2020-35923
CVE-2020-35924
CVE-2020-35924
An issue was discovered in the try-mutex crate before 0.3.0 for Rust. TryMutex<T> allows cross-thread sending of a non-Send type.
Source: CVE-2020-35924
CVE-2020-35922
CVE-2020-35922
An issue was discovered in the mio crate before 0.7.6 for Rust. It has false expectations about the std::net::SocketAddr memory representation.
Source: CVE-2020-35922
CVE-2020-35925
CVE-2020-35925
An issue was discovered in the magnetic crate before 2.0.1 for Rust. MPMCConsumer and MPMCProducer allow cross-thread sending of a non-Send type.
Source: CVE-2020-35925
CVE-2020-35928
CVE-2020-35928
An issue was discovered in the concread crate before 0.2.6 for Rust. Attackers can cause an ARCache<K,V> data race by sending types that do not implement Send/Sync.
Source: CVE-2020-35928
CVE-2020-35927
CVE-2020-35927
An issue was discovered in the thex crate through 2020-12-08 for Rust. Thex<T> allows cross-thread data races of non-Send types.
Source: CVE-2020-35927