Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Actix Subscribe
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-25025 1 Actix 1 Actix-web 2023-12-10 7.5 HIGH 9.8 CRITICAL
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly extend the lifetime of a string, leading to memory corruption.
CVE-2018-25026 1 Actix 1 Actix-web 2023-12-10 7.5 HIGH 9.8 CRITICAL
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely, leading to memory corruption.
CVE-2018-25024 1 Actix 1 Actix-web 2023-12-10 7.5 HIGH 9.8 CRITICAL
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly coerce an immutable reference into a mutable reference, leading to memory corruption.
CVE-2021-38512 2 Actix, Fedoraproject 2 Actix-http, Fedora 2023-12-10 5.0 MEDIUM 7.5 HIGH
An issue was discovered in the actix-http crate before 3.0.0-beta.9 for Rust. HTTP/1 request smuggling (aka HRS) can occur, potentially leading to credential disclosure.
CVE-2020-35901 1 Actix 1 Actix-http 2023-12-10 5.0 MEDIUM 7.5 HIGH
An issue was discovered in the actix-http crate before 2.0.0-alpha.1 for Rust. There is a use-after-free in BodyStream.
CVE-2020-35902 1 Actix 1 Actix-codec 2023-12-10 7.5 HIGH 9.8 CRITICAL
An issue was discovered in the actix-codec crate before 0.3.0-beta.1 for Rust. There is a use-after-free in Framed.
CVE-2020-35898 1 Actix 1 Actix-utils 2023-12-10 6.4 MEDIUM 9.1 CRITICAL
An issue was discovered in the actix-utils crate before 2.0.0 for Rust. The Cell implementation allows obtaining more than one mutable reference to the same data.
CVE-2020-35899 1 Actix 1 Actix-service 2023-12-10 2.1 LOW 5.5 MEDIUM
An issue was discovered in the actix-service crate before 1.0.6 for Rust. The Cell implementation allows obtaining more than one mutable reference to the same data.