Rust from a security perspective, where is it vulnerable?

• nomicon

  87 1,685 5.5 CSS

  The Dark Arts of Advanced and Unsafe Rust Programming

  

For more details on this kind of thing, you might be interested in the Rustonomicon, which is the goto guide for the details of writing unsafe Rust code.

• high-assurance-rust

  7 1,262 7.4 Rust

  A free book about developing secure and robust systems software.

"High Assurance Rust" is going to be an amazing resource, but is still being written. Still, good stuff there already: https://highassurance.rs/

• InfluxDB

  www.influxdata.com sponsored

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• rustsec

  33 1,521 9.5 Rust

  RustSec API & Tooling

  

For known vulnerabilities we have the rustsec vulnerability database. You could have a look over there for inspiration. There's also the related cargo-audit for checking dependencies for known vulnerabilities.

• rust

  2,682 92,831 10.0 Rust

  Empowering everyone to build reliable and efficient software.

  

Rust has its own soundness issues. https://github.com/rust-lang/rust/labels/I-unsound

• trophy-case

  14 392 2.8

  🏆 Collection of bugs uncovered by fuzzing Rust code

  

You could check cargo-fuzz trophy case, which is a list of issues that have been found via fuzzing.

• WorkOS

  workos.com sponsored

  The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  

Suggest a related project