76 matches found
CVE-2026-62203
OpenClaw vulnerable before version 2026.6.6 due to an environment variable filtering issue in host exec that fails to sanitize rustup startup variables. Affected product: OpenClaw. Root cause: improper sanitization of environment variables during rustup startup. Impact: attackers with lower-trust...
EUVD-2026-45092
OpenClaw versions before 2026.6.6 contain an environment variable filtering vulnerability in host exec that fails to properly sanitize rustup startup variables. Attackers with lower-trust caller access or configured input paths can execute or persist actions beyond their intended authorization...
SUSE-SU-2026:2832-1 Security update for rustup
This update for rustup fixes the following issues Security issues: - CVE-2024-12224: idna: idna accepts Punycode labels that do not produce any non-ASCII when decoded bsc1243862. - CVE-2025-58160: tracing-subscriber: Tracing log pollution bsc1249008. - CVE-2026-41676: openssl: Deriver:derive and...
SUSE-SU-2026:2831-1 Security update for rustup
This update for rustup fixes the following issues Security issues: - CVE-2024-12224: idna: idna accepts Punycode labels that do not produce any non-ASCII when decoded bsc1243862. - CVE-2025-58160: tracing-subscriber: Tracing log pollution bsc1249008. - CVE-2026-25727: time: parsing of user-provid...
OPENSUSE-SU-2026:11223-1 rustup-1.28.2~0-5.1 on GA media
These are all security issues fixed in the rustup-1.28.20-5.1 package on the GA media of openSUSE Tumbleweed...
OPENSUSE-SU-2026:11205-1 rustup-1.28.2~0-4.1 on GA media
These are all security issues fixed in the rustup-1.28.20-4.1 package on the GA media of openSUSE Tumbleweed...
SUSE-SU-2026:2441-1 Security update for rustup
This update for rustup fixes the following issues - CVE-2026-25727: time: parsing of user-provided input by the RFC 2822 date parser can lead to stack exhaustion bsc1257902. - rust-shlex: Multiple issues involving quote API RUSTSEC-2024-0006, GHSA-r7qv-8r2h-pg27 bsc1230032...
GHSA-3PV8-6F4R-FFG2 vulnerabilities
Vulnerabilities for packages: litmus, zizmor, wasm-pack, rustup, qdrant, cleave, rye, sccache, deno, wasmcloud, cargo-c, buck2...
GHSA-PHQJ-4MHP-Q6MQ vulnerabilities
Vulnerabilities for packages: sdp-k8s-injector, rpm-sequoia, vector, rustup, sccache, deno, sqlx...
CVE-2026-45784 vulnerabilities
Vulnerabilities for packages: sdp-k8s-injector, rpm-sequoia, vector, rustup, sccache, deno, sqlx...
[SECURITY] Fedora 43 Update: rustup-1.29.0-4.fc43
Manage multiple rust installations with ease...
CVE-2026-45784 vulnerabilities
Vulnerabilities for packages: rustls-openssl-client, guestproxyagent, komodo, sccache, bootc, valkey-ldap, rustup, deno, sdp-k8s-injector, typst, sqlx, sentry-cli, rpm-sequoia, ztunnel-fips, vector...
GHSA-PHQJ-4MHP-Q6MQ vulnerabilities
Vulnerabilities for packages: rustls-openssl-client, guestproxyagent, komodo, sccache, bootc, valkey-ldap, rustup, deno, sdp-k8s-injector, typst, sqlx, sentry-cli, rpm-sequoia, ztunnel-fips, vector...
[SECURITY] Fedora 44 Update: rustup-1.29.0-4.fc44
Manage multiple rust installations with ease...
Fedora 44 : rustup (2026-fc7afe14b7)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-fc7afe14b7 advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...
CVE-2026-42327 vulnerabilities
Vulnerabilities for packages: sdp-k8s-injector, rpm-sequoia, vector, rustup, sccache, deno, sqlx...
GHSA-XP3W-R5P5-63RR vulnerabilities
Vulnerabilities for packages: sdp-k8s-injector, rpm-sequoia, vector, rustup, sccache, deno, sqlx...
CVE-2026-42327 vulnerabilities
Vulnerabilities for packages: rustls-openssl-client, guestproxyagent, komodo, sccache, bootc, valkey-ldap, rustup, deno, sdp-k8s-injector, typst, sqlx, sentry-cli, rpm-sequoia, ztunnel-fips, vector...
GHSA-XP3W-R5P5-63RR vulnerabilities
Vulnerabilities for packages: rustls-openssl-client, guestproxyagent, komodo, sccache, bootc, valkey-ldap, rustup, deno, sdp-k8s-injector, typst, sqlx, sentry-cli, rpm-sequoia, ztunnel-fips, vector...
CVE-2026-41898 vulnerabilities
Vulnerabilities for packages: rustls-openssl-client, guestproxyagent, komodo, sccache, bootc, valkey-ldap, rustup, deno, sdp-k8s-injector, typst, sqlx, sentry-cli, rpm-sequoia, ztunnel-fips, vector...