smallvec (crates.io) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the crates.io package smallvec, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (5)
CVE-2018-20991 — CVSS 9.8 (critical): An issue was discovered in the smallvec crate before 0.6.3 for Rust. The Iterator implementation mishandles destructors, leading to a…
CVE-2019-15551 — CVSS 9.8 (critical): An issue was discovered in the smallvec crate before 0.6.10 for Rust. There is a double free for certain grow attempts with the current…
CVE-2019-15554 — CVSS 9.8 (critical): An issue was discovered in the smallvec crate before 0.6.10 for Rust. There is memory corruption for certain grow attempts with less than…
CVE-2021-25900 — CVSS 9.8 (critical): An issue was discovered in the smallvec crate before 0.6.14 and 1.x before 1.6.1 for Rust. There is a heap-based buffer overflow in…
CVE-2018-25023 — CVSS 7.5 (high): An issue was discovered in the smallvec crate before 0.6.13 for Rust. It can create an uninitialized value of any type, including a…