← Back

Xcb Project

xcb_project

5 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Xcb
xcb
5 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-26958
1Xcb Project
1Xcb
Nov 21, 2024
Feb 9, 2021
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because transmutation to the wrong type can happen after xcb::base::cast_event uses std::mem::transmute to return a refer...Show more
An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because transmutation to the wrong type can happen after xcb::base::cast_event uses std::mem::transmute to return a reference to an arbitrary type.Show less
CVE-2021-26957
1Xcb Project
1Xcb
Nov 21, 2024
Feb 9, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because there is an out-of-bounds read in xcb::xproto::change_property(), as demonstrated by a format=32 T=u8 situation w...Show more
An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because there is an out-of-bounds read in xcb::xproto::change_property(), as demonstrated by a format=32 T=u8 situation where out-of-bounds bytes are sent to an X server.Show less
CVE-2021-26956
1Xcb Project
1Xcb
Nov 21, 2024
Feb 9, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because bytes from an X server can be interpreted as any data type returned by xcb::xproto::GetPropertyReply::value.
CVE-2021-26955
1Xcb Project
1Xcb
Nov 21, 2024
Feb 9, 2021
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because xcb::xproto::GetAtomNameReply::name() calls std::str::from_utf8_unchecked() on unvalidated bytes from an X server...Show more
An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because xcb::xproto::GetAtomNameReply::name() calls std::str::from_utf8_unchecked() on unvalidated bytes from an X server.Show less
CVE-2020-36205
1Xcb Project
1Xcb
Nov 21, 2024
Jan 26, 2021
N/A· v4
5.5 MEDIUM· v3
2.1 LOW· v2
An issue was discovered in the xcb crate through 2020-12-10 for Rust. base::Error does not have soundness. Because of the public ptr field, a use-after-free or double-free can occur.