
Debian Rustc vulnerabilities

25 known vulnerabilities affecting debian/rustc.

Total CVEs: 25
CISA KEV: 0
Public exploits: 0
Exploited in wild: 0
Severity breakdown: CRITICAL 5, HIGH 10, MEDIUM 5, LOW 5

Vulnerabilities

Page 2 of 2
CVE-2018-1000657 | HIGH | CVSS 7.8 | fixed in rustc 1.22.1+dfsg1-1 (bookworm) | 2018 | debian
rustc: Rust Programming Language Rust standard library version Commit bfa0e1f58acf1c28d500c34ed258f09ae021893e and later; stable release 1.3.0 and later contains a Buffer Overflow vulnerability in the std::collections::vec_deque::VecDeque::reserve() function that can result in Arbitrary code execution, but no proof-of-concept exploit is currently published. This vulnerabili
CVE-2018-1000622 | HIGH | CVSS 7.8 | fixed in rustc 1.27.1+dfsg1-1~exp1 (bookworm) | 2018 | debian
rustc: The Rust Programming Language rustdoc version Between 0.8 and 1.27.0 contains a CWE-427: Uncontrolled Search Path Element vulnerability in rustdoc plugins that can result in local code execution as a different user. This attack appears to be exploitable via using the --plugin flag without the --plugin-path flag. This vulnerability appears to have been fixed in 1.27
CVE-2018-25008 | MEDIUM | CVSS 5.9 | fixed in rustc 1.29.0+dfsg1-1 (bookworm) | 2018 | debian
rustc: In the standard library in Rust before 1.29.0, there is weak synchronization in the Arc::get_mut method. This synchronization issue can lead to memory safety issues through race conditions. Scope: local. bookworm: resolved (fixed in 1.29.0+dfsg1-1); bullseye: resolved (fixed in 1.29.0+dfsg1-1); forky: resolved (fixed in 1.29.0+dfsg1-1); sid: resolved (fixed in 1.29.0
CVE-2017-20004 | MEDIUM | CVSS 5.9 | fixed in rustc 1.19.0+dfsg3-2 (bookworm) | 2017 | debian
rustc: In the standard library in Rust before 1.19.0, there is a synchronization problem in the MutexGuard object. MutexGuards can be used across threads with any types, allowing for memory safety issues through race conditions. Scope: local. bookworm: resolved (fixed in 1.19.0+dfsg3-2); bullseye: resolved (fixed in 1.19.0+dfsg3-2); forky: resolved (fixed in 1.19.0+dfsg3-2); s
CVE-2015-20001 | HIGH | CVSS 7.5 | fixed in rustc 1.2.0+dfsg1-1 (bookworm) | 2015 | debian
rustc: In the standard library in Rust before 1.2.0, BinaryHeap is not panic-safe. The binary heap is left in an inconsistent state when the comparison of generic elements inside sift_up or sift_down_range panics. This bug leads to a drop of zeroed memory as an arbitrary type, which can result in a memory safety violation. Scope: local. bookworm: resolved (fixed in 1.2.0+dfsg