CVE-2025-47737 – Trailer lib.rs Zero-Sized Allocation Mishandle

May 9, 2025

CVE ID : CVE-2025-47737

Published : May 9, 2025, 5:15 a.m. | 1 hour, 25 minutes ago

Description : lib.rs in the trailer crate through 0.1.2 for Rust mishandles allocating with a size of zero.

Severity: 2.9 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-47736 – SQLite3 Parser Invalid UTF-8 Input Crash

Next Article CVE-2025-47735 – Wgp Rust Lack of Drop Slow Thread Synchronization

Highlights

Development

while controller isn’t working perfectly when testing for multiple users

November 15, 2024

I have designed a case to wait for specific model name in GET response and then POST data. It is tested and is working fine when only 1 user and 1 loop are set. When the specific model name is found, then proceed to deploy the model.
JSON Extractor
$..valid_model_list[?(@.model_name =~ /.*Model-Test-${variable}-${counter}-v1-8k/i)]

While Controller
${__jexl3(“${modelnameresult_matchNr}” != “1”,)}

However, when I ramp up the test to use 2 users and 2 loops. The result isn’t as per expectation.

Question 1: Why JMeter isn’t running the request in sequence when multiple users and loop are set?
How do I design it in a better way to avoid false-positives in results?
Question 2: The GET (TrainedModelsList) constant timer is set to 1 minute and expectation is that it continues running till the end of the test. It seems it just run to a certain period and stopped. What type of timer should be used in this case?
JMeter deployed these model successfully
Model-Test-2022-02-28T09:46:40784-0001-v1-8k
Model-Test-2022-02-28T09:46:42785-0002-v1-8k
Model-Test-2022-02-28T09:46:44784-0003-v1-8k
Model-Test-2022-02-28T09:46:46783-0004-v1-8k

JMeter start deploy the model and fail although these models are not yet found:
Model-Test-2022-02-28T10:02:51745-0006-v1-8k
Model-Test-2022-02-28T10:18:18831-0007-v1-8k
Model-Test-2022-02-28T10:34:21111-0008-v1-8k
Model-Test-2022-02-28T10:50:24376-0009-v1-8k

Updated with view result notes where the problem occurred at second loop:

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Helldivers 2: Heart of Democracy update is live, and you need to jump in to save Super Earth from the Illuminate

Qualcomm’s new Adreno Control Panel will let you fine-tune the GPU for certain games on Snapdragon X Elite devices

Samsung takes on LG’s best gaming TVs — adds NVIDIA G-SYNC support to 2025 flagship

The biggest unanswered questions about Xbox’s next-gen consoles

HCL Commerce V9.1 – The Power of HCL Commerce Search

HCL Commerce V9.1 – The Power of HCL Commerce Search

Community News: Latest PECL Releases (05.20.2025)

Getting Started with Personalization in Sitecore XM Cloud: Enable, Extend, and Execute

Helldivers 2: Heart of Democracy update is live, and you need to jump in to save Super Earth from the Illuminate

Helldivers 2: Heart of Democracy update is live, and you need to jump in to save Super Earth from the Illuminate

Qualcomm’s new Adreno Control Panel will let you fine-tune the GPU for certain games on Snapdragon X Elite devices

Samsung takes on LG’s best gaming TVs — adds NVIDIA G-SYNC support to 2025 flagship

CVE-2025-47737 – Trailer lib.rs Zero-Sized Allocation Mishandle

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-5011 – MoonlightL Hexo-Boot Cross-Site Scripting Vulnerability

Blockchain-as-a-Service (BaaS): Why Businesses Are Adopting It Faster Than Ever

Firefox 137 Released with Address Bar Revamp & Tab Groups

This mirror wraps your reflection inside Microsoft Paint — but you only have two days to order your own

ChemCanvas – 2D chemical drawing tool

while controller isn’t working perfectly when testing for multiple users

CVE-2025-4839 – Itwanger Paicoding Cross-Domain Policy Vulnerability

Redefinindo o banco de dados para AI: por que o MongoDB adquiriu a Voyage AI

Top misconceptions about platform engineering (and what to do about them)

CVE-2025-47737 – Trailer lib.rs Zero-Sized Allocation Mishandle

Related Posts