Aggregates CVE and security vulnerability intelligence across all actix-related products, including CVSS scores, EPSS percentages, and publication and update dates.
Common weakness patterns include memory corruption, with potential impacts of memory corruption and application crash in software deployments.

| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2018-25026 | An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely, leading to memory corruption. | [email protected] | 9.8 | 0.36% | 2021-12-27 | 2024-11-21 |
| CVE-2018-25025 | An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly extend the lifetime of a string, leading to memory corruption. | [email protected] | 9.8 | 0.36% | 2021-12-27 | 2024-11-21 |
| CVE-2018-25024 | An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly coerce an immutable reference into a mutable reference, leading to memory corruption. | [email protected] | 9.8 | 0.36% | 2021-12-27 | 2024-11-21 |
| CVE-2021-38512 | An issue was discovered in the actix-http crate before 3.0.0-beta.9 for Rust. HTTP/1 request smuggling (aka HRS) can occur, potentially leading to credential disclosure. | [email protected] | 7.5 | 0.42% | 2021-08-10 | 2024-11-21 |
| CVE-2020-35902 | An issue was discovered in the actix-codec crate before 0.3.0-beta.1 for Rust. There is a use-after-free in Framed. | [email protected] | 9.8 | 0.51% | 2020-12-31 | 2024-11-21 |
| CVE-2020-35901 | An issue was discovered in the actix-http crate before 2.0.0-alpha.1 for Rust. There is a use-after-free in BodyStream. | [email protected] | 7.5 | 0.39% | 2020-12-31 | 2024-11-21 |
| CVE-2020-35899 | An issue was discovered in the actix-service crate before 1.0.6 for Rust. The Cell implementation allows obtaining more than one mutable reference to the same data. | [email protected] | 5.5 | 0.05% | 2020-12-31 | 2024-11-21 |
| CVE-2020-35898 | An issue was discovered in the actix-utils crate before 2.0.0 for Rust. The Cell implementation allows obtaining more than one mutable reference to the same data. | [email protected] | 9.1 | 0.33% | 2020-12-31 | 2024-11-21 |