smallvec

crates.io5 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting smallvecpage 1 of 1

CVE-2018-20991CRITICALCVSS 9.8EG 9.8✓ Fixed in 0.6.3
2019-08-26
An issue was discovered in the smallvec crate before 0.6.3 for Rust. The Iterator implementation mishandles destructors, leading to a double free.
CVE-2018-25023HIGHCVSS 7.5EG 7.5✓ Fixed in 0.6.13
2021-12-27
An issue was discovered in the smallvec crate before 0.6.13 for Rust. It can create an uninitialized value of any type, including a reference type.
CVE-2019-15551CRITICALCVSS 9.8EG 9.8✓ Fixed in 0.6.10
2019-08-26
An issue was discovered in the smallvec crate before 0.6.10 for Rust. There is a double free for certain grow attempts with the current capacity.
CVE-2019-15554CRITICALCVSS 9.8EG 9.8✓ Fixed in 0.6.10
2019-08-26
An issue was discovered in the smallvec crate before 0.6.10 for Rust. There is memory corruption for certain grow attempts with less than the current capacity.
CVE-2021-25900CRITICALCVSS 9.8EG 9.8✓ Fixed in 1.6.1
2021-01-26
An issue was discovered in the smallvec crate before 0.6.14 and 1.x before 1.6.1 for Rust. There is a heap-based buffer overflow in SmallVec::insert_many.

Check whether smallvec is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for smallvec CVEs against the assets you own.

Start Free Scan →