41 matches found
[SECURITY] Fedora 43 Update: rust-crypto-auditing-client-0.2.3-4.fc43
Event broker client for crypto-auditing project...
Fedora 43 : rust-crypto-auditing-agent / rust-crypto-auditing-client / etc (2025-b6f15a721e)
The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-b6f15a721e advisory. Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160. Tenable has extracted the preceding description block directly from the Fedora security advisory...
[SECURITY] Fedora 41 Update: rust-crypto-auditing-client-0.2.3-2.fc41
Event broker client for crypto-auditing project...
[SECURITY] Fedora 41 Update: rust-crypto-auditing-event-broker-0.2.3-3.fc41
Event broker for crypto-auditing project...
[SECURITY] Fedora 42 Update: rust-crypto-auditing-client-0.2.3-4.fc42
Event broker client for crypto-auditing project...
[SECURITY] Fedora 42 Update: rust-crypto-auditing-event-broker-0.2.3-5.fc42
Event broker for crypto-auditing project...
Fedora 41 : rust-crypto-auditing-agent / rust-crypto-auditing-client / etc (2025-b1dd6d1575)
The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-b1dd6d1575 advisory. Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160. Tenable has extracted the preceding description block directly from the Fedora security advisory...
Fedora: Security Advisory (FEDORA-2025-eb42f0a2fb)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-b1dd6d1575)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 42 : rust-crypto-auditing-agent / rust-crypto-auditing-client / etc (2025-eb42f0a2fb)
The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-eb42f0a2fb advisory. Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160. Tenable has extracted the preceding description block directly from the Fedora security advisory...
Linux Distros Unpatched Vulnerability : CVE-2023-49092
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through...
[SECURITY] Fedora 41 Update: rust-crypto-auditing-agent-0.2.3-2.fc41
Event collector agent for crypto-auditing project...
GHSA-JP3W-3Q88-34CF Miscomputation when performing AES encryption in rust-crypto
The following Rust program demonstrates some strangeness in AES encryption - if you have an immutable key slice and then operate on that slice, you get different encryption output than if you operate on a copy of that key. For these functions, we expect that extending a 16 byte key to a 32 byte k...
abstract-boot (>=0.2.0-beta.4 <=0.2.0-beta.7), ace-test-lib (=0.1.0) +711 more potentially affected by unknown CVE via rust-crypto (=0.2.36)
rust-crypto CARGO version =0.2.36 is affected by a known vulnerability. The following packages have a transitive dependency on rust-crypto and may be impacted: - abstract-boot =0.2.0-beta.4, =0.0.1, =0.0.1, =0.1.0, =0.0.1, =0.1.0, =0.2.0, =0.8.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.3.0 and more...
Miscomputation when performing AES encryption in rust-crypto
The following Rust program demonstrates some strangeness in AES encryption - if you have an immutable key slice and then operate on that slice, you get different encryption output than if you operate on a copy of that key. For these functions, we expect that extending a 16 byte key to a 32 byte k...
RUSTSEC-2022-0011 Miscomputation when performing AES encryption in rust-crypto
The following Rust program demonstrates some strangeness in AES encryption - if you have an immutable key slice and then operate on that slice, you get different encryption output than if you operate on a copy of that key. For these functions, we expect that extending a 16 byte key to a 32 byte k...
abstract-boot (>=0.2.0-beta.4 <=0.2.0-beta.7), ace-test-lib (=0.1.0) +711 more potentially affected by unknown CVE via rust-crypto (=0.2.36)
rust-crypto CARGO version =0.2.36 is affected by a known vulnerability. The following packages have a transitive dependency on rust-crypto and may be impacted: - abstract-boot =0.2.0-beta.4, =0.0.1, =0.0.1, =0.1.0, =0.0.1, =0.1.0, =0.2.0, =0.8.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.3.0 and more...
Miscomputation when performing AES encryption in rust-crypto
The following Rust program demonstrates some strangeness in AES encryption - if you have an immutable key slice and then operate on that slice, you get different encryption output than if you operate on a copy of that key. For these functions, we expect that extending a 16 byte key to a 32 byte k...
abstract-boot (>=0.2.0-beta.4 <=0.2.0-beta.7), ace-test-lib (=0.1.0) +711 more potentially affected by unknown CVE via rust-crypto (=0.2.36)
rust-crypto CARGO version =0.2.36 is affected by a known vulnerability. The following packages have a transitive dependency on rust-crypto and may be impacted: - abstract-boot =0.2.0-beta.4, =0.0.1, =0.0.1, =0.1.0, =0.0.1, =0.1.0, =0.2.0, =0.8.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.3.0 and more...
rust-crypto is unmaintained; switch to a modern alternative
The rust-crypto crate has not seen a release or GitHub commit since 2016, and its author is unresponsive. NOTE: The old rust-crypto crate with hyphen should not be confused with similarly named new RustCrypto GitHub Org without hyphen. The GitHub Org is actively maintained. We recommend you switc...