Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Actix Subscribe
Total 8 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-25024 1 Actix 1 Actix-web 2022-01-05 7.5 HIGH 9.8 CRITICAL
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly coerce an immutable reference into a mutable reference, leading to memory corruption.
CVE-2018-25025 1 Actix 1 Actix-web 2022-01-05 7.5 HIGH 9.8 CRITICAL
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly extend the lifetime of a string, leading to memory corruption.
CVE-2018-25026 1 Actix 1 Actix-web 2022-01-05 7.5 HIGH 9.8 CRITICAL
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely, leading to memory corruption.
CVE-2021-38512 2 Actix, Fedoraproject 2 Actix-http, Fedora 2021-09-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in the actix-http crate before 3.0.0-beta.9 for Rust. HTTP/1 request smuggling (aka HRS) can occur, potentially leading to credential disclosure.
CVE-2020-35898 1 Actix 1 Actix-utils 2021-01-07 6.4 MEDIUM 9.1 CRITICAL
An issue was discovered in the actix-utils crate before 2.0.0 for Rust. The Cell implementation allows obtaining more than one mutable reference to the same data.
CVE-2020-35901 1 Actix 1 Actix-http 2021-01-07 5.0 MEDIUM 7.5 HIGH
An issue was discovered in the actix-http crate before 2.0.0-alpha.1 for Rust. There is a use-after-free in BodyStream.
CVE-2020-35902 1 Actix 1 Actix-codec 2021-01-07 7.5 HIGH 9.8 CRITICAL
An issue was discovered in the actix-codec crate before 0.3.0-beta.1 for Rust. There is a use-after-free in Framed.
CVE-2020-35899 1 Actix 1 Actix-service 2021-01-06 2.1 LOW 5.5 MEDIUM
An issue was discovered in the actix-service crate before 1.0.6 for Rust. The Cell implementation allows obtaining more than one mutable reference to the same data.