Fedora: Security Advisory (FEDORA-2025-472776e5dc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 41 Update: rust-openssl-sys-0.9.107-1.fc41

FFI bindings to OpenSSL...

[SECURITY] Fedora 41 Update: rust-openssl-0.10.72-1.fc41

OpenSSL bindings...

[SECURITY] Fedora 41 Update: trunk-0.21.13-1.fc41

Build, bundle & ship your Rust WASM application to the web...

[SECURITY] Fedora 40 Update: rust-openssl-sys-0.9.107-1.fc40

FFI bindings to OpenSSL...

[SECURITY] Fedora 40 Update: rust-openssl-0.10.72-1.fc40

OpenSSL bindings...

[SECURITY] Fedora 42 Update: rust-openssl-sys-0.9.107-1.fc42

FFI bindings to OpenSSL...

[SECURITY] Fedora 42 Update: rust-openssl-0.10.72-1.fc42

OpenSSL bindings...

Updated rust packages fix security vulnerability

The Rust Security Response WG was notified that the Rust standard library did not properly escape arguments when invoking batch files with the bat and cmd extensions on Windows using the Command API. An attacker able to control the arguments passed to the spawned process could execute arbitrary...

MGASA-2025-0136 Updated rust packages fix security vulnerability

The Rust Security Response WG was notified that the Rust standard library did not properly escape arguments when invoking batch files with the bat and cmd extensions on Windows using the Command API. An attacker able to control the arguments passed to the spawned process could execute arbitrary...

Fedora 40 : rust-openssl / rust-openssl-sys (2025-472776e5dc)

The remote Fedora 40 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-472776e5dc advisory. - Update the openssl crate to version 0.10.72. - Update the openssl-sys crate to version 0.9.107. This update addresses CVE-2025-3416 / RUSTSEC-2025-0022 a...

[SECURITY] Fedora 42 Update: trunk-0.21.13-1.fc42

Build, bundle & ship your Rust WASM application to the web...

Linux Distros Unpatched Vulnerability : CVE-2024-3296

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A timing-based side-channel flaw exists in the rust-openssl package, which could be sufficient to recover a plaintext across a network in a Bleichenbacher-style...

PT-2025-25808

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the version that includes the fix for this issue Description A vulnerability in the Linux kernel has been resolved. The issue occurs when calling core::fmt::write from Rust code while FineIBT is enabled, resultin...

CVE-2025-32033

The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Prior to 1.61.2 and 2.1.1, the operation limits plugin uses unsigned 32-bit integers to track limit counters e.g. for a query's height. If a counter...

SUSE CVE-2025-31130

gitoxide is an implementation of git written in Rust. Before 0.42.0, gitoxide uses SHA-1 hash implementations without any collision detection, leaving it vulnerable to hash collision attacks. gitoxide uses the sha1smol or sha1 crate, both of which implement standard SHA-1 without any mitigations...

CVE-2025-32033

The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Prior to 1.61.2 and 2.1.1, the operation limits plugin uses unsigned 32-bit integers to track limit counters e.g. for a query's height. If a counter...

CVE-2025-32033 Apollo Router Operation Limits Vulnerable to Bypass via Integer Overflow

The Apollo Router Core is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Prior to 1.61.2 and 2.1.1, the operation limits plugin uses unsigned 32-bit integers to track limit counters e.g. for a query's height. If a counter...

AskAI (=0.1.0), abbegm (=0.5.0) +609 more potentially affected by unknown CVE via tokio (>=0.2.5 <=1.38.1)

tokio CARGO version =0.2.5, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =4.0.0, =0.2.0, =0.6.0, =0.1.0, =0.1.7 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0023...

CVE-2025-31130

gitoxide is an implementation of git written in Rust. Before 0.42.0, gitoxide uses SHA-1 hash implementations without any collision detection, leaving it vulnerable to hash collision attacks. gitoxide uses the sha1smol or sha1 crate, both of which implement standard SHA-1 without any mitigations...