CVE-2022-23602

CVE-2022-23602 affects Nimforum prior to 2.2.0. A user can create a thread/post with an include pointing to a local file, causing Nimforum to render the file; this can also be triggered via the post preview endpoint. Consequence includes exposure of sensitive data such as forum.json secrets. Vers...

Fedora: Security Advisory for lua (FEDORA-2022-93f064549c)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 35 Update: lua-5.4.3-4.fc35

Lua is a powerful light-weight programming language designed for extending applications. Lua is also frequently used as a general-purpose, stand-alone language. Lua is free software. Lua combines simple procedural syntax with powerful data description constructs based on associative arrays and...

Who Wrote the ALPHV/BlackCat Ransomware Strain?

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV a.k.a. "BlackCat", considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language. In this post, well explore some of the clues left behind b...

openSUSE 15 Security Update : rust1.55 (openSUSE-SU-2022:0171-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:0171-1 advisory. - Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security...

[SECURITY] Fedora 35 Update: rust-1.58.1-1.fc35

Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. This package includes the Rust compiler and documentation generator...

Fedora: Security Advisory for rust (FEDORA-2022-1bafa3fc91)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE 15 Security Update : rust1.56 (openSUSE-SU-2022:0149-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:0149-1 advisory. - Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security...

SUSE SLED15 / SLES15 Security Update : rust1.56 (SUSE-SU-2022:0149-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:0149-1 advisory. - Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust...

CVE-2022-21658

Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the std::fs::removedirall standard library function is vulnerable a race condition enabling symlink following CWE-363. A...

CVE-2022-21658

Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the std::fs::removedirall standard library function is vulnerable a race condition enabling symlink following CWE-363. A...

CVE-2022-21658 Race condition in std::fs::remove_dir_all in rustlang

Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the std::fs::removedirall standard library function is vulnerable a race condition enabling symlink following CWE-363. A...

[SECURITY] Fedora 34 Update: python-cvxopt-1.2.7-1.fc34

CVXOPT is a free software package for convex optimization based on the Python programming language. Its main purpose is to make the development of software for convex optimization applications straightforward by building on Python's extensive standard library and on the strengths of Python as a...

[SECURITY] Fedora 34 Update: golang-1.16.12-1.fc34

The Go Programming Language...

[SECURITY] Fedora 35 Update: golang-1.16.12-1.fc35

The Go Programming Language...

Mozilla Rust has an unspecified vulnerability (CNVD-2022-03126)

Rust is a general-purpose, compiled programming language from the Mozilla Foundation. security vulnerabilities exist in versions of Rust tremor-script crate prior to 0.11.6, which can lead to resource management errors. No details of the vulnerability are currently available...

Mozilla Rust Memory Corruption Vulnerability (CNVD-2022-04516)

Rust, a general-purpose, compiled programming language from the Mozilla Foundation, has a security vulnerability in versions prior to Rust metrics-util crate 0.7.0 that can be exploited by attackers to cause memory corruption...

[SECURITY] Fedora 35 Update: golang-1.16.11-1.fc35

The Go Programming Language...

[SECURITY] Fedora 34 Update: golang-1.16.11-1.fc34

The Go Programming Language...

Nim code issue vulnerability

Nim is a statically typed programming language from the Nim community. nim has a code issue vulnerability that can be exploited by attackers to bypass checks and launch SSRF attacks using null bytes...