Rust Language Security

exercises: RUSTSEC-2021-0001

Rust-Security

exercises: rust-ctf

CVE

Rust-lang

| ID | RUSTSEC-ID | CVE-ID | Description | Writeup |
|----|------------|--------|-------------|---------|
|  | RUSTSEC-2021-0001 | CVE-2020-26297 | XSS in mdBook's search page | XSS in mdBook's search interface |
|  |  | CVE-2019-1010299 | Obtain Information | None |
|  |  | CVE-2019-16760 | Cargo downloads the wrong dependency | None |
|  |  | CVE-2019-12083 | IOverflow | None |
|  |  | CVE-2018-1000810 | Integer Overflow to Buffer Overflow | None |
|  |  | CVE-2018-1000657 | Buffer Overflow | None |
|  |  | CVE-2018-1000622 | Uncontrolled Search Path Element | None |
| 14 |  | CVE-2017-20004 | MutexGuard<Cell> must not be Sync | None |
| 13 | RUSTSEC-2017-0007 |  | lz4-compress is unmaintained | None |
| 12 | RUSTSEC-2017-0006 |  | Unchecked vector pre-allocation | None |
| 11 | RUSTSEC-2017-0005 | CVE-2017-18589 | Large cookie Max-Age values can cause a denial of service | None |
| 10 | RUSTSEC-2017-0004 | CVE-2017-1000430 | Integer overflow leads to heap-based buffer overflow in encode_config_buf | None |
| 9 | RUSTSEC-2017-0003 | CVE-2017-18588 | Hostname verification skipped when custom root certs used | None |
| 8 | RUSTSEC-2017-0002 | CVE-2017-18587 | headers containing newline characters can split messages | None |
| 7 | RUSTSEC-2017-0001 | CVE-2017-10001683 | scalarmult() vulnerable to degenerate public keys | None |
| 6 | RUSTSEC-2016-0006 |  | cassandra crate is unmaintained; use cassandra-cpp instead | None |
| 5 | RUSTSEC-2016-0005 |  | rust-crypto is unmaintained; switch to a modern alternative | None |
| 4 | RUSTSEC-2016-0004 |  | libusb is unmaintained; use rusb instead | None |
| 3 | RUSTSEC-2016-0003 | CVE-2016-10933 | HTTP download and execution allows MitM RCE | None |
| 2 | RUSTSEC-2016-0002 | CVE-2016-10932 | HTTPS MitM vulnerability due to lack of hostname verification | None |
| 1 | RUSTSEC-2016-0001 | CVE-2016-10931 | SSL/TLS MitM vulnerability due to insecure defaults | None |
| 0 |  | CVE-2015-20001 | Panic safety violation in BinaryHeap | None |

Fuzz

  • rust-fuzz db
  • rustsec advisories
  • rust-fuzz book

Fuzzer

  • cargo fuzz
  • libfuzzer
  • afl
  • honggfuzz

Reference

  • Smoke-testing Rust HTTP clients
  • How I’ve found vulnerability in a popular Rust crate
  • Auditing popular Rust crates: how a one-line unsafe has nearly ruined everything

Information - Updated Nov 23, 2021

Stars: 12
Forks: 0
Issues: 0
