Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mageiaGentoo FoundationMGASA-2021-0517
HistoryNov 20, 2021 - 10:31 p.m.

Updated rust packages fix security vulnerability

2021-11-2022:31:06
Gentoo Foundation
advisories.mageia.org
19

8.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

64.2%

JSON

Updated rust packages fix security vulnerability This update mitigates a security concern in the Unicode standard, affecting source code containing “bidirectional override” Unicode codepoints: in some cases the use of those codepoints could lead to the reviewed code being different than the compiled code (CVE-2021-42574). rustc mitigates the issue by issuing two new deny-by-default lints detecting the affected codepoints in string literals and in comments. The lints will prevent source code files containing those codepoints from being compiled, protecting developers and users from the attack. This update also provides new features and bugfixes included in Rust since the previously packaged version 1.51.1. See the referenced release notes for details.

OSVersionArchitecturePackageVersionFilename
Mageia8noarchrust< 1.56.1-1rust-1.56.1-1.mga8

Related

oraclelinux 12
nessus 91
veracode 1
osv 21
centos 1
redhat 24
almalinux 8
fedora 3
githubexploit 4
rocky 7
debiancve 1
openvas 8
atlassian 11
ubuntucve 1
alpinelinux 1
amazon 1
cve 1
f5 1
prion 1
photon 1
oraclelinux
oraclelinux
binutils security update
2021-11-18 00:00:00
gcc security update
2021-11-18 00:00:00
gcc-toolset-11-binutils security update
2021-11-18 00:00:00
nessus
nessus
Rocky Linux 8 : gcc-toolset-11-gcc (RLSA-2021:4586)
2023-11-07 00:00:00
Rocky Linux 8 : gcc-toolset-11-binutils (RLSA-2021:4594)
2023-11-06 00:00:00
RHEL 7 : rust-toolset-1.54-rust (RHSA-2021:4694)
2021-11-17 00:00:00
veracode
veracode
Denial Of Service (DoS)
2021-11-05 01:37:30
osv
osv
Moderate: gcc-toolset-11-binutils security update
2021-11-10 08:40:25
Moderate: gcc-toolset-10-annobin security update
2021-11-10 08:39:32
Moderate: gcc security update
2021-11-10 08:34:56
centos
centos
binutils security update
2021-11-17 15:07:33
redhat
redhat
(RHSA-2021:4729) Moderate: devtoolset-11-annobin security update
2021-11-18 09:46:39
(RHSA-2021:4649) Moderate: gcc-toolset-10-binutils security update
2021-11-15 10:00:59
(RHSA-2021:4602) Moderate: binutils security update
2021-11-10 08:58:55
almalinux
almalinux
Moderate: rust-toolset:rhel8 security update
2021-11-10 08:37:57
Moderate: annobin security update
2021-11-10 08:39:41
Moderate: gcc security update
2021-11-10 08:34:56
fedora
fedora
[SECURITY] Fedora 34 Update: rust-1.56.1-1.fc34
2021-11-04 01:34:43
[SECURITY] Fedora 35 Update: rust-1.56.1-1.fc35
2021-11-05 01:08:45
[SECURITY] Fedora 33 Update: rust-1.56.1-1.fc33
2021-11-11 01:22:52
githubexploit
githubexploit
Exploit for Code Injection in Unicode
2021-11-01 13:05:48
Exploit for Code Injection in Unicode
2023-01-31 18:15:00
Exploit for Code Injection in Unicode
2021-12-11 07:23:17
rocky
rocky
binutils security update
2021-11-10 08:41:52
gcc-toolset-11-binutils security update
2021-11-10 08:40:25
rust-toolset:rhel8 security update
2021-11-10 08:37:57
debiancve
debiancve
CVE-2021-42574
2021-11-01 04:15:00
openvas
openvas
Fedora: Security Advisory for rust (FEDORA-2021-0578e23912)
2021-11-06 00:00:00
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2022-1603)
2022-05-05 00:00:00
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2022-1262)
2022-03-02 00:00:00
atlassian
atlassian
Unicode characters allow malicious code to be hidden from a human reviewer (Jira Server) - CVE-2021-42574
2021-11-01 21:59:47
Unicode characters allow malicious code to be hidden from a human reviewer (Bamboo) - CVE-2021-42574
2021-11-02 23:00:07
Unicode characters allow malicious code to be hidden from a human reviewer (JSM Server & Insight asset management App) - CVE-2021-42574
2021-11-01 22:27:17
ubuntucve
ubuntucve
CVE-2021-42574
2021-11-01 00:00:00
alpinelinux
alpinelinux
CVE-2021-42574
2021-11-01 04:15:00
amazon
amazon
Medium: gcc10, gcc
2022-04-25 22:57:00
cve
cve
CVE-2021-42574
2021-11-01 04:15:00
f5
f5
K74013101 : Binutils vulnerability CVE-2021-42574
2022-02-01 00:00:00
prion
prion
Design/Logic Flaw
2021-11-01 04:15:00
photon
photon
Critical Photon OS Security Update - PHSA-2021-0122
2021-11-01 00:00:00

8.3 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

64.2%

JSON
Related for MGASA-2021-0517
oraclelinux12nessus91veracode1osv21centos1redhat24almalinux8fedora3githubexploit4rocky7debiancve1openvas8atlassian11ubuntucve1alpinelinux1amazon1cve1f51prion1photon1