9528 matches found
DLA-4049-1 rust-openssl - security update
Bulletin has no description...
CVE-2025-25188
Hickory DNS is a Rust based DNS client, server, and resolver. A vulnerability present starting in version 0.8.0 and prior to versions 0.24.3 and 0.25.0-alpha.5 impacts Hickory DNS users relying on DNSSEC verification in the client library, stub resolver, or recursive resolver. The DNSSEC validati...
datafu (>=0.0.6 <=0.0.7) potentially affected by unknown CVE via totally-safe-transmute (=0.0.3)
totally-safe-transmute CARGO version =0.0.3 is affected by a known vulnerability. The following packages have a transitive dependency on totally-safe-transmute and may be impacted: - datafu =0.0.6, =0.0.7 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0030...
RUSTSEC-2025-0029 totally-safe introduces memory vulnerabilities in safe Rust
totally-safe provides unsound APIs that exploit a soundness bug in rustc: https://github.com/rust-lang/rust/issues/25860...
RUSTSEC-2025-0030 totally-safe-transmute allows transmuting any type to any other type in safe Rust
This crate is a toy and should never be used. It showcases a known soundness issue https://github.com/rust-lang/rust/issues/32670 that will never get fixed. In short, Linux provides a file called /proc/self/mem which can be used by a program to modify its own memory. This library modifies an enum...
totally-safe-transmute allows transmuting any type to any other type in safe Rust
This crate is a toy and should never be used. It showcases a known soundness issue https://github.com/rust-lang/rust/issues/32670 that will never get fixed. In short, Linux provides a file called /proc/self/mem which can be used by a program to modify its own memory. This library modifies an enum...
totally-safe introduces memory vulnerabilities in safe Rust
totally-safe provides unsound APIs that exploit a soundness bug in rustc: https://github.com/rust-lang/rust/issues/25860...
cve-rs introduces memory vulnerabilities in safe Rust
This crate is a joke and should never be used. cve-rs provides demonstrations of common memory vulnerabilities such as buffer overflows and segfaults implemented completely within safe Rust. Internally, this crate does not use unsafe code, it instead exploits a soundness bug in rustc:...
RUSTSEC-2025-0028 cve-rs introduces memory vulnerabilities in safe Rust
This crate is a joke and should never be used. cve-rs provides demonstrations of common memory vulnerabilities such as buffer overflows and segfaults implemented completely within safe Rust. Internally, this crate does not use unsafe code, it instead exploits a soundness bug in rustc:...
PT-2025-19818 · Crates.Io · Totally-Safe
totally-safe provides unsound APIs that exploit a soundness bug in rustc: https://github.com/rust-lang/rust/issues/25860...
Azure Linux 3.0 Security Update: rust (CVE-2024-32884)
The version of rust installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-32884 advisory. - gitoxide is a pure Rust implementation of Git. gix-transport does not check the username part of a URL for tex...
Azure Linux 3.0 Security Update: cmake / curl / mysql / rust / tensorflow (CVE-2023-27535)
The version of cmake / curl / mysql / rust / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-27535 advisory. - An authentication bypass vulnerability exists in libcurl 8.0.0 in the FTP...
Azure Linux 3.0 Security Update: libcxx / llvm / rust (CVE-2024-31852)
The version of libcxx / llvm / rust installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-31852 advisory. - LLVM before 18.1.3 generates code in which the LR register can be overwritten without data bei...
Azure Linux 3.0 Security Update: cmake / curl / mysql / rust / tensorflow (CVE-2023-27534)
The version of cmake / curl / mysql / rust / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-27534 advisory. - A path traversal vulnerability exists in curl 8.0.0 SFTP implementation...
Azure Linux 3.0 Security Update: cmake / curl / mysql / rust / tensorflow (CVE-2023-28320)
The version of cmake / curl / mysql / rust / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-28320 advisory. - A denial of service vulnerability exists in curl v8.1.0 in the way libcurl...
Azure Linux 3.0 Security Update: cmake / curl / mysql / rust / tensorflow (CVE-2023-27533)
The version of cmake / curl / mysql / rust / tensorflow installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-27533 advisory. - A vulnerability in input validation exists in curl 8.0 during communicatio...
[SECURITY] Fedora 40 Update: rust-routinator-0.14.1-2.fc40
An RPKI relying party software...
Fedora 40 : rust-routinator (2025-46db4ee37e)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-46db4ee37e advisory. New ASPA support is now always compiled in and available if enable-aspa is set. The aspa Cargo feature has been removed. 990 If merging mutliple ASPA objects...
[SECURITY] Fedora 41 Update: rustup-1.27.1-6.fc41
Manage multiple rust installations with ease...
[SECURITY] Fedora 41 Update: rust-snphost-0.5.0-3.fc41
Administrative utility for AMD SEV-SNP...