{"id":"CVE-2018-1000810","details":"The Rust Programming Language Standard Library version 1.29.0, 1.28.0, 1.27.2, 1.27.1, 127.0, 126.2, 126.1, 126.0 contains a CWE-680: Integer Overflow to Buffer Overflow vulnerability in standard library that can result in buffer overflow. This attack appear to be exploitable via str::repeat, passed a large number, can overflow an internal buffer. This vulnerability appears to have been fixed in 1.29.1.","modified":"2026-03-14T09:26:54.586329Z","published":"2018-10-08T15:29:01.227Z","related":["MGASA-2018-0407"],"references":[{"type":"WEB","url":"https://groups.google.com/forum/#%21topic/rustlang-security-announcements/CmSuTm-SaU0"},{"type":"ADVISORY","url":"https://blog.rust-lang.org/2018/09/21/Security-advisory-for-std.html"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201812-11"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/rust-lang/rust","events":[{"introduced":"0"},{"last_affected":"a7756804103447ea4e68a71ccf071e7ad8f7a03e"},{"introduced":"0"},{"last_affected":"827013a31b88e536e85b8e6ceb5b9988042ec335"},{"introduced":"0"},{"last_affected":"594fb253c2b02b320c728391a425d028e6dc7a09"},{"introduced":"0"},{"last_affected":"3eda71b00ad48d7bf4eef4c443e7f611fd061418"},{"introduced":"0"},{"last_affected":"5f2b325f64ed6caa7179f3e04913db437656ec7e"},{"introduced":"0"},{"last_affected":"58cc626de3301192d5d8c6dcbde43b5b44211ae2"},{"introduced":"0"},{"last_affected":"9634041f0e8c0f3191d2867311276f19d0a42564"},{"introduced":"0"},{"last_affected":"aa3ca1994904f2e056679fce1f185db8c7ed2703"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.26.0"},{"introduced":"0"},{"last_affected":"1.26.1"},{"introduced":"0"},{"last_affected":"1.26.2"},{"introduced":"0"},{"last_affected":"1.27.0"},{"introduced":"0"},{"last_affected":"1.27.1"},{"introduced":"0"},{"last_affected":"1.27.2"},{"introduced":"0"},{"last_affected":"1.28.0"},{"introduced":"0"},{"last_affected":"1.29.0"}]}}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1000810.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}