9529 matches found
[SECURITY] Fedora 42 Update: rust-gitui-0.26.3-11.fc42
Blazing fast terminal-ui for git...
[SECURITY] Fedora 42 Update: rust-nu-command-0.99.1-8.fc42
Nushell's built-in commands...
[SECURITY] Fedora 42 Update: rust-nu-test-support-0.99.1-4.fc42
Support for writing Nushell tests...
CVE-2025-4574 affecting package rust for versions less than 1.75.0-16
CVE-2025-4574 affecting package rust for versions less than 1.75.0-16. A patched version of the package is available...
CVE-2025-4574 affecting package rust for versions less than 1.86.0-3
CVE-2025-4574 affecting package rust for versions less than 1.86.0-3. A patched version of the package is available...
Matrix Rust SDK SQL注入漏洞
Matrix Rust SDK is an open source Rust-based Matrix client server development toolkit from The Matrix.org Foundation. A SQL injection vulnerability exists in Matrix Rust SDK versions 0.11 and 0.12, which stems from SQL injection in the EventCache::findeventwithrelations method, and could lead to...
Important: kernel6.12
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue CVE-2025-38000 In the Linux kernel, the following vulnerability has been resolved: can: bcm: add missing rcu read protection for procfs content...
Fedora 41 : helix / rust-blazesym-c / rust-clearscreen / rust-gitui / etc (2025-785afc6856)
The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-785afc6856 advisory. rust-which 8.0.0 - Add new Sys trait to allow abstracting over the underlying filesystem. Particularly useful for wasm32-unknown-unknown targets. Thanks...
Fedora 42 : helix / rust-blazesym-c / rust-clearscreen / rust-gitui / etc (2025-0cde7282be)
The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-0cde7282be advisory. rust-which 8.0.0 - Add new Sys trait to allow abstracting over the underlying filesystem. Particularly useful for wasm32-unknown-unknown targets. Thanks...
Building Serverless Apps with Spin and HTMX
A tutorial on building serverless applications using Fermyon Spin and htmx, demonstrating a shopping list app with a Rust back end and htmx-enhanced front end...
CVE-2025-53604
The web-push crate before 0.10.3 for Rust allows a denial of service memory consumption in the built-in clients via a large integer in a Content-Length header...
CVE-2025-53605
A flaw was found in protobuf. The protobuf::codedinputstream::CodedInputStream::skipgroup function exhibits uncontrolled recursion when parsing unknown fields from untrusted input, potentially leading to excessive resource consumption. This flaw allows a network attacker to trigger this condition...
GHSA-287X-9RFF-QVCG Rust Web Push is vulnerable to a DoS attack via a large integer in a Content-Length header
The web-push crate before 0.10.4 for Rust allows a denial of service memory consumption in the built-in clients via a large integer in a Content-Length header. The patch was initially made available in version 0.10.3, but version 0.10.3 has since been yanked...
GHSA-RXF6-323F-44FC Duplicate Advisory: rust-protobuf crate is vulnerable to Uncontrolled Recursion, potentially leading to DoS
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-2gh3-rmm4-6rq5. This link is maintained to preserve external references. The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup...
Duplicate Advisory: rust-protobuf crate is vulnerable to Uncontrolled Recursion, potentially leading to DoS
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-2gh3-rmm4-6rq5. This link is maintained to preserve external references. The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup...
Rust Web Push is vulnerable to a DoS attack via a large integer in a Content-Length header
The web-push crate before 0.10.4 for Rust allows a denial of service memory consumption in the built-in clients via a large integer in a Content-Length header. The patch was initially made available in version 0.10.3, but version 0.10.3 has since been yanked...
AZL-65565 CVE-2025-53605 affecting package rust for versions less than 1.75.0-17
The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input...
AZL-65556 CVE-2025-53605 affecting package kata-containers for versions less than 3.19.1.kata2-1
The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input...
AZL-65592 CVE-2025-53605 affecting package rust for versions less than 1.72.0-11
The protobuf crate before 3.7.2 for Rust allows uncontrolled recursion in the protobuf::codedinputstream::CodedInputStream::skipgroup parsing of unknown fields in untrusted input...
CVE-2025-53604
The web-push crate before 0.10.3 for Rust allows a denial of service memory consumption in the built-in clients via a large integer in a Content-Length header...