Lucene search
K

28 matches found

OSV
OSV
added 2025/03/07 3:26 p.m.2 views

OESA-2025-1236 rust security update

Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator. Security Fixes: Cargo is a Rust package manager. The Rust Security Response WG was notified that Cargo did not...

7.9CVSS6.8AI score0.00763EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2022-46176

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cargo is a Rust package manager. The Rust Security Response WG was notified that Cargo did not perform SSH host key verification when cloning indexes and...

5.9CVSS5.6AI score0.00649EPSS
Exploits0References3
CBLMariner
CBLMariner
added 2025/01/12 9:15 a.m.23 views

CVE-2022-46176 affecting package rust 1.59.0-1

CVE-2022-46176 affecting package rust 1.59.0-1. No patch is available currently...

5.9CVSS7.5AI score0.00649EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/04/29 12:0 a.m.28 views

Fedora 37 : rust (2023-19bcafe341)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-19bcafe341 advisory. Security fix for CVE-2022-46176: Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. For more details, see the...

5.9CVSS5.8AI score0.00649EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.18 views

openSUSE: Security Advisory for rust1.65 (SUSE-SU-2023:0133-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.9AI score0.00649EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.16 views

openSUSE: Security Advisory for rust1.66 (SUSE-SU-2023:0132-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.9AI score0.00649EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2023/04/16 1:5 a.m.18 views

CVE-2022-46176 affecting package rust for versions less than 1.68.2-1

CVE-2022-46176 affecting package rust for versions less than 1.68.2-1. An upgraded version of the package is available that resolves this issue...

5.9CVSS6.1AI score0.00649EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 3:22 a.m.3 views

SUSE CVE-2022-46176

Cargo is a Rust package manager. The Rust Security Response WG was notified that Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. An attacker could exploit this to perform man-in-the-middle MITM attacks. This vulnerability has been assigned...

7.5CVSS6.8AI score0.00649EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2023/01/25 12:0 a.m.16 views

SUSE: Security Advisory (SUSE-SU-2023:0133-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.5AI score0.00649EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2023/01/25 12:0 a.m.19 views

SUSE: Security Advisory (SUSE-SU-2023:0132-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.7AI score0.00649EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/01/25 12:0 a.m.29 views

Amazon Linux 2022 : cargo, clippy, rust (ALAS2022-2023-278)

It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2023-278 advisory. Cargo is a Rust package manager. The Rust Security Response WG was notified that Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. An attacker could exploit...

5.9CVSS5.6AI score0.00649EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/01/25 12:0 a.m.32 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : rust1.66 (SUSE-SU-2023:0132-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0132-1 advisory. - CVE-2022-46176: Fixed missing SSH host key verification in cargo when cloning indexes and dependencies...

5.9CVSS6.2AI score0.00649EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/01/25 12:0 a.m.27 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : rust1.65 (SUSE-SU-2023:0133-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0133-1 advisory. - CVE-2022-46176: Fixed missing SSH host key verification in cargo when cloning indexes and dependencies...

5.9CVSS6.2AI score0.00649EPSS
Exploits0References4
OSV
OSV
added 2023/01/24 2:37 p.m.7 views

SUSE-SU-2023:0132-1 Security update for rust1.66

This update for rust1.66 fixes the following issues: - CVE-2022-46176: Fixed missing SSH host key verification in cargo when cloning indexes and dependencies via SSHbsc1206930...

5.9CVSS5.7AI score0.00649EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/01/22 12:0 a.m.20 views

Fedora: Security Advisory for rust (FEDORA-2023-575fcaf4bf)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.9CVSS5.7AI score0.00649EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/01/21 12:0 a.m.21 views

Fedora 36 : rust (2023-575fcaf4bf)

The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-575fcaf4bf advisory. Security fix for CVE-2022-46176: Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. For more details, see the...

5.9CVSS5.8AI score0.00649EPSS
Exploits0References2
RustSec
RustSec
added 2023/01/12 12:0 p.m.40 views

git2 Rust package suppresses ssh host key checking

By default, when accessing an ssh repository ie via an ssh: git repository url the git2 Rust package does not do any host key checking. Additionally, the provided API is not sufficient for a an application to do meaningful checking itself. Impact When connecting to an ssh repository, and when an...

5.9CVSS5.6AI score0.00649EPSS
Exploits0Affected Software1
NVD
NVD
added 2023/01/11 9:15 p.m.14 views

CVE-2022-46176

Cargo is a Rust package manager. The Rust Security Response WG was notified that Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. An attacker could exploit this to perform man-in-the-middle MITM attacks. This vulnerability has been assigned...

5.9CVSS5.2AI score0.00649EPSS
Exploits0References4
OSV
OSV
added 2023/01/11 9:15 p.m.1 views

DEBIAN-CVE-2022-46176

Cargo is a Rust package manager. The Rust Security Response WG was notified that Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. An attacker could exploit this to perform man-in-the-middle MITM attacks. This vulnerability has been assigned...

5.9CVSS5.7AI score0.00649EPSS
Exploits0References1
CVE
CVE
added 2023/01/11 8:7 p.m.270 views

CVE-2022-46176

Cargo for Rust did not verify SSH host keys when cloning indexes/dependencies via SSH, enabling potential MITM attacks. All Rust versions containing Cargo before 1.66.1 are affected; upgrading to Cargo/Rust 1.66.1 fixes the SSH host key verification behavior by aborting connections if the server ...

5.9CVSS5.3AI score0.00649EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder