238 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-25574
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the http crate before 0.1.20 for Rust. An integer overflow in HeaderMap::reserve could result in denial of service e.g., an infinite...
Linux Distros Unpatched Vulnerability : CVE-2025-4574
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In crossbeam-channel rust crate, the internal Channel type's Drop method has a race condition which could, in some circumstances, lead to a double-free that cou...
Linux Distros Unpatched Vulnerability : CVE-2025-53605
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields ...
Linux Distros Unpatched Vulnerability : CVE-2023-53161
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The buffered-reader crate before 1.1.5 for Rust allows out-of-bounds array access and a panic. CVE-2023-53161 Note that Nessus relies on the presence of the...
Linux Distros Unpatched Vulnerability : CVE-2024-58265
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The snow crate before 0.9.5 for Rust, when stateful TransportState is used, allows incrementing a nonce and thereby denying message delivery. CVE-2024-58265 Not...
Linux Distros Unpatched Vulnerability : CVE-2021-26957
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because there is an out-of-bounds read in...
Linux Distros Unpatched Vulnerability : CVE-2021-25900
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the smallvec crate before 0.6.14 and 1.x before 1.6.1 for Rust. There is a heap-based buffer overflow in SmallVec::insertmany...
Linux Distros Unpatched Vulnerability : CVE-2023-53158
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The gix-transport crate before 0.36.1 for Rust allows command execution via the gix clone 'ssh://-oProxyCommand=open$IFS substring. NOTE: this was discovered...
Linux Distros Unpatched Vulnerability : CVE-2019-25001
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the serdecbor crate before 0.10.2 for Rust. The CBOR deserializer can cause stack consumption via nested semantic tags. CVE-2019-2500...
Medium: rust
Issue Overview: The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input. CVE-2025-53605 Affected Packages: rust Issue Correction: Run dnf update rust --releasever...
tsify-next is unmaintained, use tsify instead
The tsify-next crate is not maintained any more; use tsify instead...
SUSE CVE-2023-53160
The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic...
Duplicate Advisory: sequoia-openpgp vulnerable to out-of-bounds array access leading to panic
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-25mx-8f3v-8wh7. This link is maintained to preserve external references. Original Description The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic...
Duplicate Advisory: gix-transport code execution vulnerability
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-rrjw-j4m2-mf34. This link is maintained to preserve external references. Original Description The gix-transport crate before 0.36.1 for Rust allows command execution via the "gix clone...
UBUNTU-CVE-2023-53160
The sequoia-openpgp crate before 1.16.0 for Rust allows out-of-bounds array access and a panic...
UBUNTU-CVE-2022-50237
The ed25519-dalek crate before 2 for Rust allows a double public key signing function oracle attack. The Keypair implementation leads to a simple computation for extracting a private key...
CVE-2023-53157
The rosenpass crate before 0.2.1 for Rust allows remote attackers to cause a denial of service panic via a one-byte UDP packet...
CVE-2023-53158
CVE-2023-53158 affects the Rust crate gix-transport (before 0.36.1). The issue enables command execution via the substring gix clone 'ssh://-oProxyCommand=open$IFS', i.e., an SSH command injection. Impact details in sources indicate local attack vector with low confidentiality/integrity impact an...
DEBIAN-CVE-2024-58266
The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the and \xa0 characters, which may facilitate command injection...
GHSA-P444-P2RM-HVRW Duplicate Advisory: transpose: Buffer overflow due to integer overflow
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-5gmm-6m36-r7jh. This link is maintained to preserve external references. Original Description The transpose crate before 0.2.3 for Rust allows an integer overflow via inputwidth and inputheight arguments...