CVE-2022-32215 affecting package rust for versions less than 1.75.0-1

CVE-2022-32215 affecting package rust for versions less than 1.75.0-1. A patched version of the package is available...

CVE-2022-0614 affecting package rust for versions less than 1.75.0-1

CVE-2022-0614 affecting package rust for versions less than 1.75.0-1. A patched version of the package is available...

New Rust-based Fickle Malware Uses PowerShell for UAC Bypass and Data Exfiltration

A new Rust-based information stealer malware called Fickle Stealer has been observed being delivered via multiple attack chains with the goal of harvesting sensitive information from compromised hosts. Fortinet FortiGuard Labs said it's aware of four different distribution methods -- namely VBA...

The vulnerability of the Rust library for working with Git repositories like gitoxide is related to shortcomings in the path name checking process for Windows. This allows an attacker to trigger a denial-of-service attack.

The vulnerability of the Rust library for working with Git repositories like gitoxide is related to shortcomings in the path name checking process for Windows. Exploiting this vulnerability could allow a malicious actor to cause service failures...

OPENSUSE-SU-2024:13315-1 shadowsocks-rust-1.16.2-1.1 on GA media

These are all security issues fixed in the shadowsocks-rust-1.16.2-1.1 package on the GA media of openSUSE Tumbleweed...

Cybercriminals Employ PhantomLoader to Distribute SSLoad Malware

The nascent malware known as SSLoad is being delivered by means of a previously undocumented loader called PhantomLoader, according to findings from cybersecurity firm Intezer. "The loader is added to a legitimate DLL, usually EDR or AV products, by binary patching the file and employing...

naga Security Breach

Naga is a repository for the Rust Graphics Mages project for generic shader translation in Rust. A security vulnerability exists in naga version 0.14.0 that stems from a stack overflow in a related component...

adder-codec-rs (=0.1.15), assimp (>=0.0.4 <=0.0.6) +56 more potentially affected by unknown CVE via mmap (=0.1.1)

mmap CARGO version =0.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on mmap and may be impacted: - adder-codec-rs =0.1.15 - assimp =0.0.4, =0.9.0, =0.1.0, =0.1.0, =0.1.2, =0.1.0, =0.1.0, =0.1.0, =0.4.0 - cupi =0.1.0 - cupishift =0.1.0 - cylus =0.1.0...

Symlink bypasses filesystem sandbox

Summary If the preopened directory has a symlink pointing outside, WASI programs can traverse the symlink and access host filesystem if the caller sets both oflags::creat and rights::fdwrite. Programs can also crash the runtime by creating a symlink pointing outside with pathsymlink and pathopeni...

GHSA-55F3-3QVG-8PV5 Symlink bypasses filesystem sandbox

Summary If the preopened directory has a symlink pointing outside, WASI programs can traverse the symlink and access host filesystem if the caller sets both oflags::creat and rights::fdwrite. Programs can also crash the runtime by creating a symlink pointing outside with pathsymlink and pathopeni...

Fedora: Security Advisory (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for rust-uu_fmt (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for rust-is_ci (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for rust-rpick (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for rust-pulldown-cmark (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for rust-termbg (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for rust-uu_date (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for rust-varlink_generator (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for rust-scx_rustland (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for rustup (FEDORA-2024-40ee18b2e7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...