9532 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-49092
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through...
Linux Distros Unpatched Vulnerability : CVE-2019-25001
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the serdecbor crate before 0.10.2 for Rust. The CBOR deserializer can cause stack consumption via nested semantic tags. CVE-2019-2500...
Linux Distros Unpatched Vulnerability : CVE-2023-53159
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an empty string to X509VerifyParamRef::sethost. CVE-2023-53159 Note that Nessus relie...
Linux Distros Unpatched Vulnerability : CVE-2020-35921
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the miow crate before 0.3.6 for Rust. It has false expectations about the std::net::SocketAddr memory representation. CVE-2020-35921...
Linux Distros Unpatched Vulnerability : CVE-2025-27498
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - aes-gcm is a pure Rust implementation of the AES-GCM. In decryptinplacedetached, the decrypted ciphertext which is the correct ciphertext is exposed even if the...
Linux Distros Unpatched Vulnerability : CVE-2023-53156
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The transpose crate before 0.2.3 for Rust allows an integer overflow via inputwidth and inputheight arguments. CVE-2023-53156 Note that Nessus relies on the...
Linux Distros Unpatched Vulnerability : CVE-2021-27378
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the randcore crate before 0.6.2 for Rust. Because readu32into and readu64into mishandle certain buffer-length checks, a random number...
Fedora 41 : chromium (2025-0ea30a8042)
The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-0ea30a8042 advisory. Updated to 139.0.7258.127 CVE-2025-8879: Heap buffer overflow in libaom CVE-2025-8880: Race in V8 CVE-2025-8901: Out of bounds write in ANGLE...
Fedora 42 : chromium (2025-502faa722e)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-502faa722e advisory. Updated to 139.0.7258.127 CVE-2025-8879: Heap buffer overflow in libaom CVE-2025-8880: Race in V8 CVE-2025-8901: Out of bounds write in ANGLE...
Security update for rust-keylime
This update for rust-keylime fixes the following issues: Update to version 0.2.7+141: CVE-2025-58266: shlex: Fixed command injection bsc1247193 Update to version 0.2.7+117: CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RSTSTREAM frames bsc1210344. CVE-2024-12224...
SUSE-SU-2025:02811-1 Security update for rust-keylime
This update for rust-keylime fixes the following issues: - Update to version 0.2.7+141: CVE-2025-58266: shlex: Fixed command injection bsc1247193 - Update to version 0.2.7+117: CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RSTSTREAM frames bsc1210344...
Security update for rust-keylime
This update for rust-keylime fixes the following issues: Update to version 0.2.7+141: CVE-2025-58266: shlex: Fixed command injection bsc1247193 Update to version 0.2.7+117: CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RSTSTREAM frames bsc1210344. CVE-2024-12224...
SUSE-SU-2025:02810-1 Security update for rust-keylime
This update for rust-keylime fixes the following issues: - Update to version 0.2.7+141: CVE-2025-58266: shlex: Fixed command injection bsc1247193 - Update to version 0.2.7+117: CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RSTSTREAM frames bsc1210344...
Security update for rust-keylime
This update for rust-keylime fixes the following issues: Update to version 0.2.7+141: CVE-2025-58266: shlex: Fixed command injection bsc1247193 Update to version 0.2.7+117: CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RSTSTREAM frames bsc1210344. CVE-2024-12224...
SUSE-SU-2025:02809-1 Security update for rust-keylime
This update for rust-keylime fixes the following issues: - Update to version 0.2.7+141: CVE-2025-58266: shlex: Fixed command injection bsc1247193 - Update to version 0.2.7+117: CVE-2023-26964: rust-keylime: hyper,h2: stream stacking when H2 processing HTTP2 RSTSTREAM frames bsc1210344...
Linux Distros Unpatched Vulnerability : CVE-2025-4432
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Rust's Ring package. A panic may be triggered when overflow checking is enabled. In the QUIC protocol, this flaw allows an attacker to induc...
CVE-2025-54867
Youki is a container runtime written in Rust. Prior to version 0.5.5, if /proc and /sys in the rootfs are symbolic links, they can potentially be exploited to gain access to the host root filesystem. This issue has been patched in version 0.5.5...
CVE-2025-54867 Youki Symlink Following Vulnerability
Youki is a container runtime written in Rust. Prior to version 0.5.5, if /proc and /sys in the rootfs are symbolic links, they can potentially be exploited to gain access to the host root filesystem. This issue has been patched in version 0.5.5...
CVE-2025-55159 vulnerabilities
Vulnerabilities for packages: mdbook, linkerd2-proxy, pixi, shadowsocks-rust, linkerd2, buck2, uv, linkerd-extension-init, zola, efs-utils...
GHSA-QX2V-8332-M4FV vulnerabilities
Vulnerabilities for packages: mdbook, linkerd2-proxy, pixi, shadowsocks-rust, linkerd2, buck2, uv, linkerd-extension-init, zola, efs-utils...