⚠️ FOR SECURITY TESTING ONLY — This repository contains intentional vulnerabilities for evaluating AppSec tools. Do NOT deploy to production.
| File | Vulnerability | CWE / Severity |
|---|---|---|
| src/main.rs | SQL injection via format string | CWE-89 |
| src/main.rs | Command injection via sh -c | CWE-78 |
| src/main.rs | Path traversal in file read | CWE-22 |
| src/main.rs | Hardcoded credentials & API keys | CWE-798 |
| src/main.rs | Insecure random (fixed seed) | CWE-338 |
| src/main.rs | Integer overflow in buffer sizing | CWE-190 |
| src/main.rs | unsafe buffer overflow (ptr::copy) | CWE-120 |
| src/main.rs | unsafe use-after-free | CWE-416 |
| src/main.rs | unsafe null pointer dereference | CWE-476 |
| src/main.rs | SSL certificate validation disabled | CWE-295 |
| src/main.rs | SSRF via user-controlled URL | CWE-918 |
| src/main.rs | Sensitive data logged (card/CVV) | CWE-532 |
| src/main.rs | Weak password hashing (XOR) | CWE-327 |
| src/main.rs | Hardcoded admin token | CWE-798 |
| src/main.rs | Panic on unwrap() — no error handling | CWE-390 |
| src/handlers.rs | Open redirect via Location header | CWE-601 |
| src/handlers.rs | Insecure cookie (no Secure/HttpOnly) | CWE-614 |
| src/handlers.rs | Stack overflow via unbounded recursion | CWE-674 |
| src/handlers.rs | ReDoS via user-controlled regex | CWE-1333 |
| src/handlers.rs | Deserialization without schema validation | CWE-502 |
| src/handlers.rs | XML injection via unescaped input | CWE-91 |
| src/handlers.rs | Timing attack on secret comparison | CWE-208 |
| src/handlers.rs | Information disclosure in error response | CWE-209 |
| src/handlers.rs | Hardcoded secrets in module scope | CWE-798 |
| .env | All secrets committed to VCS | CWE-798 |
| Cargo.toml | regex 1.5.4 ReDoS (CVE-2022-24713) | High |
| Cargo.toml | tokio 1.13.0 use-after-free (CVE-2021-45710) | Critical |
| Cargo.toml | hyper 0.13.0 request smuggling (CVE-2021-21299) | High |
| Cargo.toml | time 0.1.43 segfault on localtime (RUSTSEC-2020-0071) | Medium |
| Cargo.toml | crossbeam 0.7.3 use-after-free (CVE-2022-2596) | High |
| Cargo.toml | smallvec 1.6.1 stack overflow (CVE-2021-45688) | High |
Rust's ownership model eliminates entire classes of memory safety bugs at compile time — but vulnerabilities still exist in:

- `unsafe` blocks — the compiler's safety guarantees are suspended
- Logic flaws — SQL/command injection, path traversal, SSRF are language-agnostic
- Dependency chain — `cargo audit` finds known CVEs in crates
- Cryptographic misuse — weak algorithms, hardcoded keys
- Panic on `unwrap()` — can cause denial of service
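The timing-attack finding in `src/handlers.rs` (CWE-208) is a good illustration of a logic flaw that safe Rust does not prevent: comparing a secret with `==` stops at the first differing byte, so response time leaks how much of the token a caller got right. The following is an added example, not code from this repository, showing the leaky comparison next to a fixed-time one; the function names are chosen here for illustration.

```rust
// Added example (not part of this repository). Demonstrates CWE-208:
// a secret comparison whose runtime depends on the input.

/// Vulnerable form: `==` on byte slices short-circuits on the first
/// mismatch, so the time taken reveals the length of the correct prefix.
pub fn secret_eq_leaky(expected: &[u8], supplied: &[u8]) -> bool {
    expected == supplied
}

/// Hardened form: always walks the full `expected` length and ORs every
/// byte difference into an accumulator, so the loop count and the work per
/// iteration do not depend on where the first mismatch is. A length
/// mismatch is folded into the same accumulator instead of returning early.
/// In production code prefer an audited crate such as `subtle`
/// (`ConstantTimeEq::ct_eq`), which also guards against compiler rewrites.
pub fn secret_eq_constant_time(expected: &[u8], supplied: &[u8]) -> bool {
    // 1 if lengths differ, 0 otherwise; single return path below.
    let mut diff: u8 = (expected.len() != supplied.len()) as u8;
    for (i, &e) in expected.iter().enumerate() {
        // Index `supplied` modulo its length so the loop is bounded only by
        // `expected`; an empty `supplied` contributes a zero byte.
        let s = if supplied.is_empty() { 0 } else { supplied[i % supplied.len()] };
        diff |= e ^ s;
    }
    diff == 0
}

fn main() {
    // Constructed sample token, not a real credential.
    let expected = b"admin-token-SAMPLE";
    for candidate in [&b"admin-token-SAMPLE"[..], b"admin-token-WRONG", b"a", b""] {
        println!(
            "{:?}: leaky={} constant_time={}",
            String::from_utf8_lossy(candidate),
            secret_eq_leaky(expected, candidate),
            secret_eq_constant_time(expected, candidate)
        );
    }
}
```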
```sh
# build the project
cargo build
# install cargo-audit and run it to surface the known-vulnerable crates pinned in Cargo.toml
cargo install cargo-audit
cargo audit
```