GitHub

Affected versions of this crate maintains references to memory that might have been freed already.
If affects the following two tremor-script language constructs:

A Merge where we assign the result back to the target expression
and the expression to b…

tower_http::services::fs::ServeDir didn’t correctly validate Windows paths
meaning paths like /foo/bar/c:/windows/web/screen/img101.png would be allowed
and respond with the contents of c:/windows/web/screen/img101.png. Thus users
could potentially rea…

In the affected version of this crate, {Iter, IterMut}::next used a weaker memory ordering when loading values than what was required, exposing a potential data race
when iterating over a ThreadLocal’s values.
Crates using Iter::next, or IterMut::next …

Affected versions of this crate passes an uninitialized buffer to a user-provided Read implementation.
Arbitrary Read implementations can read from the uninitialized buffer (memory exposure) and also can return incorrect number of bytes written to the …

Version 0.6.0 of the simple_asn1 crate panics on certain malformed
inputs to its parsing functions, including from_der and der_decode.
Because this crate is frequently used with inputs from the network, this
should be considered a security vulnerabilit…

Affected versions of this crate did not properly calculate secret shares requirements.
This reduces the security of the algorithm by restricting the crate to always
using a threshold value of three, rather than a configurable limit.
The flaw was correc…

When parsing JSON using json::Json::from_str, there is no limit to the depth of the stack, therefore deeply nested objects can cause a stack overflow, which aborts the process.
Example code that triggers the vulnerability is
fn main() {
let _ = rus…

When running in debug mode and the debug-embed (off by default) feature is
not enabled, the generated get method does not check that the input path is
a child of the folder given.
This allows attackers to read arbitrary files in the file system if the…

The following Rust program demonstrates some strangeness in AES encryption – if you have an immutable key slice and then operate on that slice, you get different encryption output than if you operate on a copy of that key.
For these functions, we expec…

The lifetime bound on several closure-accepting rusqlite functions (specifically, functions which register a callback to be later invoked by SQLite) was too relaxed. If a closure referencing borrowed values on the stack is was passed to one of these fu…