Aggregates CVE and security vulnerability intelligence across all rust-lang-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues involve various input-handling and memory-safety problems that may affect software stability and security.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2021-28876 | In the standard library in Rust before 1.52.0, the Zip implementation has a panic safety issue. It calls __iterator_get_unchecked() more than once for the same index when the underlying iterator panics (in certain conditions). This bug could lead to a memory safety violation due to an unmet safety requirement for the TrustedRandomAccess trait. | [email protected] | 5.3 | 1.58% | 2021-04-11 | 2026-06-16 |
| CVE-2021-28875 | In the standard library in Rust before 1.50.0, read_to_end() does not validate the return value from Read in an unsafe context. This bug could lead to a buffer overflow. | [email protected] | 7.5 | 2.14% | 2021-04-11 | 2026-06-16 |
| CVE-2020-36318 | In the standard library in Rust before 1.49.0, VecDeque::make_contiguous has a bug that pops the same element more than once under certain condition. This bug could result in a use-after-free or double free. | [email protected] | 9.8 | 1.69% | 2021-04-11 | 2026-06-16 |
| CVE-2020-36317 | In the standard library in Rust before 1.49.0, String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the same string. | [email protected] | 7.5 | 1.51% | 2021-04-11 | 2026-06-16 |
| CVE-2015-20001 | In the standard library in Rust before 1.2.0, BinaryHeap is not panic-safe. The binary heap is left in an inconsistent state when the comparison of generic elements inside sift_up or sift_down_range panics. This bug leads to a drop of zeroed memory as an arbitrary type, which can result in a memory safety violation. | [email protected] | 7.5 | 1.32% | 2021-04-11 | 2026-06-16 |
| CVE-2020-36202 | An issue was discovered in the async-h1 crate before 2.3.0 for Rust. Request smuggling can occur when used behind a reverse proxy. | [email protected] | 6.1 | 0.81% | 2021-01-26 | 2026-06-16 |
| CVE-2020-26297 | mdBook is a utility to create modern online books from Markdown files and is written in Rust. In mdBook before version 0.4.5, there is a vulnerability affecting the search feature of mdBook, which could allow an attacker to execute arbitrary JavaScript code on the page. The search feature of mdBook (introduced in version 0.1.4) was affected by a cross site scripting vulnerability that allowed an attacker to execute arbitrary JavaScript code on an user's browser by tricking the user into typing a | [email protected] | 8.2 | 1.25% | 2021-01-04 | 2026-06-16 |
| CVE-2020-35920 | An issue was discovered in the socket2 crate before 0.3.16 for Rust. It has false expectations about the std::net::SocketAddr memory representation. | [email protected] | 5.5 | 0.40% | 2020-12-31 | 2026-06-16 |
| CVE-2020-35908 | An issue was discovered in the futures-util crate before 0.3.2 for Rust. FuturesUnordered can lead to data corruption because Sync is mishandled. | [email protected] | 5.5 | 0.33% | 2020-12-31 | 2026-06-16 |
| CVE-2020-35907 | An issue was discovered in the futures-task crate before 0.3.5 for Rust. futures_task::noop_waker_ref allows a NULL pointer dereference. | [email protected] | 5.5 | 0.40% | 2020-12-31 | 2026-06-16 |
| CVE-2020-35906 | An issue was discovered in the futures-task crate before 0.3.6 for Rust. futures_task::waker may cause a use-after-free in a non-static type situation. | [email protected] | 7.8 | 0.49% | 2020-12-31 | 2026-06-16 |
| CVE-2020-35905 | An issue was discovered in the futures-util crate before 0.3.7 for Rust. MutexGuard::map can cause a data race for certain closure situations (in safe code). | [email protected] | 4.7 | 0.26% | 2020-12-31 | 2026-06-16 |
| CVE-2020-26281 | async-h1 is an asynchronous HTTP/1.1 parser for Rust (crates.io). There is a request smuggling vulnerability in async-h1 before version 2.3.0. This vulnerability affects any webserver that uses async-h1 behind a reverse proxy, including all such Tide applications. If the server does not read the body of a request which is longer than some buffer length, async-h1 will attempt to read a subsequent request from the body content starting at that offset into the body. One way to exploit this vulnerab | [email protected] | 6.8 | 1.01% | 2020-12-21 | 2026-06-16 |
| CVE-2019-16760 | Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the `package` configuration key. Usage of the `package` key to rename dependencies in `Cargo.toml` is ignored in Rust 1.25.0 and prior. When Rust 1.25.0 and prior is used Cargo may download the wrong dependency, which could be squatted on crates.io to be a malicious package. This not only affects manifests that you write locally yourself, but also manifests published to crates.io. Rust 1.0.0 through Rust | [email protected] | 4.6 | 1.26% | 2019-09-30 | 2026-06-16 |
| CVE-2019-1010299 | The Rust Programming Language Standard Library 1.18.0 and later is affected by: CWE-200: Information Exposure. The impact is: Contents of uninitialized memory could be printed to string or to log file. The component is: Debug trait implementation for std::collections::vec_deque::Iter. The attack vector is: The program needs to invoke debug printing for iterator over an empty VecDeque. The fixed version is: 1.30.0, nightly versions after commit b85e4cc8fadaabd41da5b9645c08c68b8f89908d. | [email protected] | 5.3 | 1.52% | 2019-07-15 | 2026-06-16 |
| CVE-2019-12083 | The Rust Programming Language Standard Library 1.34.x before 1.34.2 contains a stabilized method which, if overridden, can violate Rust's safety guarantees and cause memory unsafety. If the `Error::type_id` method is overridden then any type can be safely cast to any other type, causing memory safety vulnerabilities in safe code (e.g., out-of-bounds write or read). Code that does not manually implement Error::type_id is unaffected. | [email protected] | 8.1 | 2.23% | 2019-05-13 | 2026-06-16 |
| CVE-2018-1000810 | The Rust Programming Language Standard Library version 1.29.0, 1.28.0, 1.27.2, 1.27.1, 127.0, 126.2, 126.1, 126.0 contains a CWE-680: Integer Overflow to Buffer Overflow vulnerability in standard library that can result in buffer overflow. This attack appear to be exploitable via str::repeat, passed a large number, can overflow an internal buffer. This vulnerability appears to have been fixed in 1.29.1. | [email protected] | 9.8 | 2.96% | 2018-10-08 | 2026-06-16 |
| CVE-2018-1000657 | Rust Programming Language Rust standard library version Commit bfa0e1f58acf1c28d500c34ed258f09ae021893e and later; stable release 1.3.0 and later contains a Buffer Overflow vulnerability in std::collections::vec_deque::VecDeque::reserve() function that can result in Arbitrary code execution, but no proof-of-concept exploit is currently published.. This vulnerability appears to have been fixed in after commit fdfafb510b1a38f727e920dccbeeb638d39a8e60; stable release 1.22.0 and later. | [email protected] | 7.8 | 0.54% | 2018-08-20 | 2026-06-16 |
| CVE-2018-1000622 | The Rust Programming Language rustdoc version Between 0.8 and 1.27.0 contains a CWE-427: Uncontrolled Search Path Element vulnerability in rustdoc plugins that can result in local code execution as a different user. This attack appear to be exploitable via using the --plugin flag without the --plugin-path flag. This vulnerability appears to have been fixed in 1.27.1. | [email protected] | 7.8 | 1.82% | 2018-07-09 | 2026-06-16 |