CVE-2018-1000810

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2018-1000810
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1000810.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-1000810
Downstream
Published
2018-10-08T15:29:01.227Z
Modified
2026-04-16T06:24:08.345416104Z
Severity
  • 9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

The Rust Programming Language Standard Library version 1.29.0, 1.28.0, 1.27.2, 1.27.1, 127.0, 126.2, 126.1, 126.0 contains a CWE-680: Integer Overflow to Buffer Overflow vulnerability in standard library that can result in buffer overflow. This attack appear to be exploitable via str::repeat, passed a large number, can overflow an internal buffer. This vulnerability appears to have been fixed in 1.29.1.

References

Affected packages

Git / github.com/rust-lang/rust

Affected ranges

Type
GIT
Repo
https://github.com/rust-lang/rust
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
a7756804103447ea4e68a71ccf071e7ad8f7a03e
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
827013a31b88e536e85b8e6ceb5b9988042ec335
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
594fb253c2b02b320c728391a425d028e6dc7a09
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
3eda71b00ad48d7bf4eef4c443e7f611fd061418
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5f2b325f64ed6caa7179f3e04913db437656ec7e
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
58cc626de3301192d5d8c6dcbde43b5b44211ae2
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
9634041f0e8c0f3191d2867311276f19d0a42564
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
aa3ca1994904f2e056679fce1f185db8c7ed2703
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.26.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.26.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.26.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.27.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.27.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.27.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.28.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.29.0"
        }
    ]
}

Affected versions

0.*
0.1
0.2
0.4
0.5
0.6
0.7
0.8
0.9
1.*
1.0.0-alpha
1.0.0-alpha.2
1.0.0-beta
1.26.0
1.26.1
1.26.2
1.27.0
1.27.1
1.27.2
1.28.0
1.29.0
release-0.*
release-0.1
release-0.2
release-0.4
release-0.5
release-0.6
release-0.7

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1000810.json"