Actix CVE - CVE Search - CVE Details

Filtered by vendor Actix Subscribe

Total 8 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-25024	1 Actix	1 Actix-web	2022-01-05	7.5 HIGH	9.8 CRITICAL
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly coerce an immutable reference into a mutable reference, leading to memory corruption.
CVE-2018-25025	1 Actix	1 Actix-web	2022-01-05	7.5 HIGH	9.8 CRITICAL
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly extend the lifetime of a string, leading to memory corruption.
CVE-2018-25026	1 Actix	1 Actix-web	2022-01-05	7.5 HIGH	9.8 CRITICAL
An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely, leading to memory corruption.
CVE-2021-38512	2 Actix, Fedoraproject	2 Actix-http, Fedora	2021-09-21	5.0 MEDIUM	7.5 HIGH
An issue was discovered in the actix-http crate before 3.0.0-beta.9 for Rust. HTTP/1 request smuggling (aka HRS) can occur, potentially leading to credential disclosure.
CVE-2020-35898	1 Actix	1 Actix-utils	2021-01-07	6.4 MEDIUM	9.1 CRITICAL
An issue was discovered in the actix-utils crate before 2.0.0 for Rust. The Cell implementation allows obtaining more than one mutable reference to the same data.
CVE-2020-35901	1 Actix	1 Actix-http	2021-01-07	5.0 MEDIUM	7.5 HIGH
An issue was discovered in the actix-http crate before 2.0.0-alpha.1 for Rust. There is a use-after-free in BodyStream.
CVE-2020-35902	1 Actix	1 Actix-codec	2021-01-07	7.5 HIGH	9.8 CRITICAL
An issue was discovered in the actix-codec crate before 0.3.0-beta.1 for Rust. There is a use-after-free in Framed.
CVE-2020-35899	1 Actix	1 Actix-service	2021-01-06	2.1 LOW	5.5 MEDIUM
An issue was discovered in the actix-service crate before 1.0.6 for Rust. The Cell implementation allows obtaining more than one mutable reference to the same data.

Vulnerabilities (CVE)