[actix-web] Out-of-bounds Write in actix-web

An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly coerce an immutable reference into a mutable reference, leading to memory corruption.
References

https://nvd.nist.gov/vuln/detail/CVE-2018-25024
https://raw.github…

[smallvec] Use of Uninitialized Resource in smallvec

An issue was discovered in the smallvec crate before 0.6.13 for Rust. It can create an uninitialized value of any type, including a reference type.
References

https://nvd.nist.gov/vuln/detail/CVE-2018-25023
https://raw.githubusercontent.com/rustsec/ad…

[libpulse-binding] Use After Free in libpulse-binding

An issue was discovered in the libpulse-binding crate before 1.2.1 for Rust. get_format_info can cause a use-after-free.
References

https://nvd.nist.gov/vuln/detail/CVE-2018-25027
https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/libpu…

[actix-web] Out-of-bounds Write in actix-web

An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely, leading to memory corruption.
References

https://nvd.nist.gov/vuln/detail/CVE-2018-25026
h…

[actix-web] Out-of-bounds Write in actix-web

An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly extend the lifetime of a string, leading to memory corruption.
References

https://nvd.nist.gov/vuln/detail/CVE-2018-25025
https://raw.githubusercontent.com/rustsec…

[libpulse-binding] Use After Free in libpulse-binding

An issue was discovered in the libpulse-binding crate before 1.2.1 for Rust. get_context can cause a use-after-free.
References

https://nvd.nist.gov/vuln/detail/CVE-2018-25028
https://raw.githubusercontent.com/rustsec/advisory-db/main/crates/libpulse-…