| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-39294 | (DoS) Denial of Service from unchecked request length in conduit-hyper | conduit-rust | conduit-hyper | High | 7.5 | 2022-10-31 00:00:00 | Deep Dive |
| CVE-2022-39354 | evm has incorrect is_static parameter for custom stateful precompiles | rust-blockchain | evm | Medium | 5.9 | 2022-10-25 00:00:00 | Deep Dive |
| CVE-2022-39292 | Exposure of sensitive Slack webhook URLs in debug logs and traces | abdolence | slack-morphism-rust | High | 7.5 | 2022-10-10 00:00:00 | Deep Dive |
| CVE-2022-39252 | When matrix-rust-sdk recieves forwarded room keys, the reciever doesn't check if it requested the key from the forwarder | matrix-org | matrix-rust-sdk | High | 8.6 | 2022-09-29 14:15:14 | Deep Dive |
| CVE-2022-36114 | Extracting malicious crates can fill the file system | rust-lang | cargo | Medium | 4.8 | 2022-09-14 00:00:00 | Deep Dive |
| CVE-2022-36113 | Extracting malicious crates can corrupt arbitrary files | rust-lang | cargo | Medium | 4.6 | 2022-09-14 00:00:00 | Deep Dive |
| CVE-2022-36086 | linked_list_allocator vulnerable to out-of-bound writes on `Heap` initialization and `Heap::extend` | rust-osdev | linked-list-allocator | High | 8.4 | 2022-09-07 22:50:09 | Deep Dive |
| CVE-2022-35922 | Memory allocation based on untrusted length in rust-websocket | websockets-rs | rust-websocket | High | 7.5 | 2022-08-01 21:35:11 | Deep Dive |
| CVE-2022-31173 | Juniper is vulnerable to @DOS GraphQL Nested Fragments overflow | graphql-rust | juniper | High | 7.5 | 2022-08-01 18:50:12 | Deep Dive |
| CVE-2022-31162 | Slack Morphism for Rust before 0.41.0 can accidentally leak Slack OAuth client information in application debug logs | abdolence | slack-morphism-rust | High | 7.5 | 2022-07-21 13:20:12 | Deep Dive |
| CVE-2022-24713 | Regular expression denial of service in Rust's regex crate | rust-lang | regex | High | 7.5 | 2022-03-08 19:00:12 | Deep Dive |
| CVE-2022-21658 | Race condition in std::fs::remove_dir_all in rustlang | rust-lang | rust | High | 7.3 | 2022-01-20 00:00:00 | Deep Dive |
| CVE-2021-41153 | Specification non-compliance in JUMPI | rust-blockchain | evm | High | 8.7 | 2021-10-18 21:00:13 | Deep Dive |
| CVE-2021-20332 | MongoDB Rust Driver may publish events containing authentication-related data to a connection pool event listener configured by an application | MongoDB Inc. | MongoDB Rust Driver | Medium | 4.2 | 2021-08-02 12:50:10 | Deep Dive |
| CVE-2021-29511 | Memory over-allocation in evm crate | rust-blockchain | evm | Medium | 6.5 | 2021-05-12 17:15:11 | Deep Dive |
| CVE-2020-26297 | XSS in mdBook's search page | rust-lang | mdBook | High | 8.2 | 2021-01-04 18:45:15 | Deep Dive |
| CVE-2019-16760 | Cargo prior to Rust 1.26.0 may download the wrong dependency | rust | cargo | Medium | 4.6 | 2019-09-30 21:39:38 | Deep Dive |
| CVE-2019-1010182 | yaml-rust 资源管理错误漏洞 | yaml-rust | yaml-rust | 中危 | - | 2019-07-25 13:02:57 | Deep Dive |
| CVE-2019-1010299 | Rust Programming Language Standard Library 信息泄露漏洞 | The Rust Programming Language | Standard Library | 中危 | - | 2019-07-15 17:18:46 | Deep Dive |