9529 matches found
[SECURITY] Fedora 42 Update: rust-kbs-types-0.11.0-1.fc42
Rust deserializable types for KBS...
Fedora 43 : rust-cursive / rust-cursive0.20 / rust-cursive_core / etc (2025-8b79fa8396)
The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-8b79fa8396 advisory. - Update the cursive crate to version 0.21.1 and add a compat package for version 0.20. - Update the cursivecore crate to version 0.4.6 and add a compat...
Fedora 41 : libkrun / rust-kbs-types / rust-sev / rust-sevctl (2025-c53905e83d)
The remote Fedora 41 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-c53905e83d advisory. This release includes improvements and fixes, and updates crossbeam-channel dependency to address CVE-2025-4574 Tenable has extracted the preceding descripti...
Fedora 42 : python-pydantic-core / rust-adblock / rust-cookie_store / etc (2025-04847cb65d)
The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-04847cb65d advisory. Update uv to 0.6.14, with various bugfixes and new features. Update rust-idna to 1.0.3 fixing RUSTSEC-2024-0421, rust-url to 2.5.4, rust- adblock to 0.9.6, a...
Fedora 43 : python-uv-build / rust-gitui / rust-gstreamer / rust-ron / etc (2025-1311e4cd58)
The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-1311e4cd58 advisory. Update rust-ron to 0.9. Update rust-zip to 2.6.1, fixing GHSA-94vh-gphv-8pm8. Tenable has extracted the preceding description block directly from the Fedora...
Fedora 42 : rust-hickory-proto (2025-99f0d93d68)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-99f0d93d68 advisory. Update to version 0.24.4. Also contains fixes for RUSTSEC-2025-0006. Tenable has extracted the preceding description block directly from the Fedora security...
Fedora 42 : rust-openssl / rust-openssl-sys (2025-c263d3ebd9)
The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-c263d3ebd9 advisory. - Update the openssl crate to version 0.10.72. - Update the openssl-sys crate to version 0.9.107. This update addresses CVE-2025-3416 / RUSTSEC-2025-0022 a...
Fedora 42 : ruff / rust-hashlink / rust-rusqlite (2025-04894ce9bd)
The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-04894ce9bd advisory. Security update for CVE-2025-4574, GHSA-pg9f-39pc-qf8g: by rebuilding ruff, we ensure that it uses version 0.5.15 of the crossbeam-channel crate library. ---...
Fedora 42 : libkrun / rust-kbs-types / rust-sev / rust-sevctl (2025-4fc3431dab)
The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-4fc3431dab advisory. This release includes improvements and fixes, and updates crossbeam-channel dependency to address CVE-2025-4574 Tenable has extracted the preceding descripti...
Fedora 43 : rust-openssl / rust-openssl-sys (2025-e385cbedb5)
The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-e385cbedb5 advisory. - Update the openssl crate to version 0.10.72. - Update the openssl-sys crate to version 0.9.107. This update addresses CVE-2025-3416 / RUSTSEC-2025-0022 a...
Fedora 42 : rust-zincati (2025-19fabb2ca6)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-19fabb2ca6 advisory. New upstream release v0.0.30 see: https://github.com/coreos/zincati/releases/tag/v0.0.30 Tenable has extracted the preceding description block...
Security update for python-cryptography
This update for python-cryptography fixes the following issues: CVE-2025-3416: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242631 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch...
SUSE-SU-2025:20407-1 Security update for python-cryptography
This update for python-cryptography fixes the following issues: - CVE-2025-3416: Fixed Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate bsc1242631...
CVE-2025-48937
matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. matrix-sdk-crypto since version 0.8.0 and up to 0.11.0 does not correctly validate the sender of an encrypted event. Accordingly, a malicious homeserver operator can modify events served to clients, making those event...
CVE-2025-48937 matrix-sdk-crypto vulnerable to sender of encrypted events being spoofed by homeserver administrator
matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. matrix-sdk-crypto since version 0.8.0 and up to 0.11.0 does not correctly validate the sender of an encrypted event. Accordingly, a malicious homeserver operator can modify events served to clients, making those event...
matrix-rust-sdk 安全漏洞
matrix-rust-sdk is a Matrix open source implementation of the Matrix client-server library in Rust. A security vulnerability exists in matrix-rust-sdk versions 0.8.0 through 0.11.0, which stems from insufficient sender authentication and could lead to event tampering...
PT-2025-24684 · Unknown · Matrix-Rust-Sdk
Name of the Vulnerable Software and Affected Versions: matrix-rust-sdk versions 0.8.0 through 0.11.0 Description: The issue arises from the failure to correctly validate the sender of an encrypted event in the matrix-sdk-crypto component. This allows a malicious homeserver operator to modify even...
Fedora 43 : rust-git-interactive-rebase-tool (2025-3b4c75f23c)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-3b4c75f23c advisory. Automatic update for rust-git-interactive-rebase-tool-2.4.1-9.fc43. Changelog Sun Jun 8 2025 Benjamin Gilbert - 2.4.1-9 - Rebuild for CVE-2024-12224...
SUSE CVE-2025-5791
A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list...
Duplicate Advisory: users may append `root` to group listings
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-m65q-v92h-cm7q. This link is maintained to preserve external references. Original Description A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group...