Rust Language - (bulletinoct2018)ID: oval:org.secpod.oval:def:2105258 | Date: (C)2020-01-19 (M)2023-11-13 |
Class: PATCH | Family: unix |
The Rust Programming Language Standard Library version 1.29.0, 1.28.0, 1.27.2, 1.27.1, 127.0, 126.2, 126.1, 126.0 contains a CWE-680: Integer Overflow to Buffer Overflow vulnerability in standard library that can result in buffer overflow. This attack appear to be exploitable via str::repeat, passed a large number, can overflow an internal buffer. This vulnerability appears to have been fixed in 1.29.1.
Product: |
developer/rust/cargo-vendor |
developer/rust/cargo |
developer/rust/rustc |