9526 matches found

OpenVAS
added 2023/01/13 12:0 a.m. | 23 views

Fedora: Security Advisory for rust (FEDORA-2023-19bcafe341)

The remote host is missing an update for the Copyright (C) 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 5.9 | AI score 5.7 | EPSS 0.00649
Exploits: 0 | References: 2
CVE
added 2023/01/13 12:0 a.m. | 86 views

CVE-2022-45299

CVE-2022-45299 affects rust-lang/webbrowser-rs v0.8.2. The issue in the IpFile argument allows an attacker to access arbitrary files by supplying a crafted URL. The CVSSv3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) yields a base score of 9.8 (CRITICAL). Exploitation details are not provided i...

CVSS 9.8 | AI score 9.2 | EPSS 0.01349
Exploits: 1 | References: 1 | Affected Software: 1
OSV
added 2023/01/12 12:0 p.m. | 46 views

RUSTSEC-2023-0002 git2 Rust package suppresses ssh host key checking

By default, when accessing an ssh repository (i.e. via an `ssh:` git repository URL), the git2 Rust package does not do any host key checking. Additionally, the provided API is not sufficient for an application to do meaningful checking itself. Impact: When connecting to an ssh repository, and when an...

CVSS 5.9 | AI score 5.6 | EPSS 0.00649
Exploits: 0 | References: 4
RedhatCVE
added 2023/01/12 7:36 a.m. | 39 views

CVE-2022-46176

Cargo is a Rust package manager. The Rust Security Response WG was notified that Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. An attacker could exploit this to perform man-in-the-middle (MITM) attacks. This vulnerability has been assigned...

CVSS 5.3 | AI score 5.7 | EPSS 0.00649
Exploits: 0 | References: 3
OSV
added 2023/01/11 9:15 p.m. | 2 views

ALPINE-CVE-2022-46176

Cargo is a Rust package manager. The Rust Security Response WG was notified that Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. An attacker could exploit this to perform man-in-the-middle (MITM) attacks. This vulnerability has been assigned...

CVSS 5.9 | AI score 5.4 | EPSS 0.00649
Exploits: 0 | References: 1
NVD
added 2023/01/11 9:15 p.m. | 12 views

CVE-2022-46176

Cargo is a Rust package manager. The Rust Security Response WG was notified that Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. An attacker could exploit this to perform man-in-the-middle (MITM) attacks. This vulnerability has been assigned...

CVSS 5.9 | AI score 5.2 | EPSS 0.00649
Exploits: 0 | References: 4
Prion
added 2023/01/11 9:15 p.m. | 20 views

Design/Logic Flaw

Cargo is a Rust package manager. The Rust Security Response WG was notified that Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. An attacker could exploit this to perform man-in-the-middle (MITM) attacks. This vulnerability has been assigned...

CVSS 2.6 | AI score 5.4 | EPSS 0.00649
Exploits: 0 | References: 3 | Affected Software: 1
OSV
added 2023/01/11 9:15 p.m. | 2 views

UBUNTU-CVE-2022-46176

Cargo is a Rust package manager. The Rust Security Response WG was notified that Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. An attacker could exploit this to perform man-in-the-middle (MITM) attacks. This vulnerability has been assigned...

CVSS 5.9 | AI score 6.1 | EPSS 0.00649
Exploits: 0 | References: 4
Debian CVE
added 2023/01/11 8:7 p.m. | 24 views

CVE-2022-46176

Cargo is a Rust package manager. The Rust Security Response WG was notified that Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. An attacker could exploit this to perform man-in-the-middle (MITM) attacks. This vulnerability has been assigned...

CVSS 5.9 | AI score 5.2 | EPSS 0.00649
Exploits: 0
Cvelist
added 2023/01/11 8:7 p.m. | 14 views

CVE-2022-46176 Cargo did not verify SSH host keys

Cargo is a Rust package manager. The Rust Security Response WG was notified that Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. An attacker could exploit this to perform man-in-the-middle (MITM) attacks. This vulnerability has been assigned...

CVSS 5.3 | AI score 6 | EPSS 0.00649
Exploits: 0 | References: 4
Vulnrichment
added 2023/01/11 8:7 p.m. | 7 views

CVE-2022-46176 Cargo did not verify SSH host keys

Cargo is a Rust package manager. The Rust Security Response WG was notified that Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. An attacker could exploit this to perform man-in-the-middle (MITM) attacks. This vulnerability has been assigned...

CVSS 5.3 | AI score 5.7 | EPSS 0.00649
Exploits: 0 | References: 4
OSV
added 2023/01/11 8:7 p.m. | 18 views

CVE-2022-46176 Cargo did not verify SSH host keys

Cargo is a Rust package manager. The Rust Security Response WG was notified that Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. An attacker could exploit this to perform man-in-the-middle (MITM) attacks. This vulnerability has been assigned...

CVSS 5.3 | AI score 5.4 | EPSS 0.00649
Exploits: 0 | References: 6
CVE
added 2023/01/11 8:7 p.m. | 266 views

CVE-2022-46176

Cargo for Rust did not verify SSH host keys when cloning indexes/dependencies via SSH, enabling potential MITM attacks. All Rust versions containing Cargo before 1.66.1 are affected; upgrading to Cargo/Rust 1.66.1 fixes the SSH host key verification behavior by aborting connections if the server ...

CVSS 5.9 | AI score 5.3 | EPSS 0.00649
Exploits: 0 | References: 4 | Affected Software: 1
AlpineLinux
added 2023/01/11 8:7 p.m. | 37 views

CVE-2022-46176

Cargo is a Rust package manager. The Rust Security Response WG was notified that Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. An attacker could exploit this to perform man-in-the-middle (MITM) attacks. This vulnerability has been assigned...

CVSS 5.9 | AI score 5.5 | EPSS 0.00649
Exploits: 0
vulnersOsv
added 2023/01/11 12:0 p.m. | 5 views

BeerHolderBot (>=0.1.0 <=0.3.6), IMAPServer (>=0.1.0 <=0.2.0) +4847 more potentially affected by unknown CVE via tokio (>=0.2.10 <=1.17.0)

tokio CARGO version =0.2.10, =0.1.0, =0.1.0, =1.0.0, =0.0.2, =0.5.0, =0.1.0, =0.1.0, =0.1.0, =0.4.0, =0.5.0, =0.5.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2023-0005...

AI score 5.5
Exploits: 0
RustSec
added 2023/01/11 12:0 p.m. | 14 views

`tokio::io::ReadHalf<T>::unsplit` is Unsound

tokio::io::ReadHalf::unsplit can violate the Pin contract. The soundness issue is described in tokio/issues#5372. The specific set of conditions needed to trigger an issue (a !Unpin type in ReadHalf) is unusual, combined with the difficulty of making any arbitrary use-after-free exploitable in Rust...

AI score 1.6
Exploits: 0 | Affected Software: 1
OSV
added 2023/01/11 12:0 p.m. | 18 views

RUSTSEC-2023-0005 `tokio::io::ReadHalf<T>::unsplit` is Unsound

tokio::io::ReadHalf::unsplit can violate the Pin contract. The soundness issue is described in tokio/issues#5372. The specific set of conditions needed to trigger an issue (a !Unpin type in ReadHalf) is unusual, combined with the difficulty of making any arbitrary use-after-free exploitable in Rust...

AI score 7
Exploits: 0 | References: 3
UbuntuCve
added 2023/01/11 12:0 a.m. | 50 views

CVE-2022-46176

Cargo is a Rust package manager. The Rust Security Response WG was notified that Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. An attacker could exploit this to perform man-in-the-middle (MITM) attacks. This vulnerability has been assigned...

CVSS 5.9 | AI score 6.1 | EPSS 0.00649
Exploits: 0 | References: 3
GitHub Security Blog
added 2023/01/10 9:9 p.m. | 35 views

Cargo did not verify SSH host keys

The Rust Security Response WG was notified that Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. An attacker could exploit this to perform man-in-the-middle (MITM) attacks. This vulnerability has been assigned CVE-2022-46176. Overview: When an SSH client...

CVSS 5.9 | AI score 5.4 | EPSS 0.00649
Exploits: 0 | References: 7 | Affected Software: 1
OSV
added 2023/01/10 9:9 p.m. | 33 views

GHSA-R5W3-XM58-JV6J Cargo did not verify SSH host keys

The Rust Security Response WG was notified that Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. An attacker could exploit this to perform man-in-the-middle (MITM) attacks. This vulnerability has been assigned CVE-2022-46176. Overview: When an SSH client...

CVSS 5.3 | AI score 5.4 | EPSS 0.00649
Exploits: 0 | References: 7