Lucene search
+L

20 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2026/03/19 12:0 a.m.3 views

cargo1.93-1.93.0-3.1 on GA media (moderate)

cargo1.93-1.93.0-3.1 on GA media Announcement ID: openSUSE-SU-2026:10383-1 Rating: moderate Cross-References: CVE-2026-31812 CVSS scores: CVE-2026-31812 SUSE : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2026-31812 SUSE : 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:...

6.9CVSS5.8AI score0.005EPSS
Exploits0
OSV
OSV
added 2026/03/17 12:0 a.m.2 views

OPENSUSE-SU-2026:10383-1 cargo1.93-1.93.0-3.1 on GA media

These are all security issues fixed in the cargo1.93-1.93.0-3.1 package on the GA media of openSUSE Tumbleweed...

8.7CVSS5.8AI score0.005EPSS
Exploits0References1
OSV
OSV
added 2026/03/17 12:0 a.m.2 views

OPENSUSE-SU-2026:10384-1 cargo1.94-1.94.0-2.1 on GA media

These are all security issues fixed in the cargo1.94-1.94.0-2.1 package on the GA media of openSUSE Tumbleweed...

8.7CVSS5.8AI score0.005EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-6662

Malicious code in bioql PyPI...

6.5CVSS6.4AI score0.00822EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.14 views

Linux Distros Unpatched Vulnerability : CVE-2022-36114

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cargo is a package manager for the rust programming language. It was discovered that Cargo did not limit the amount of data extracted from compressed archives. ...

6.5CVSS7.2AI score0.00822EPSS
Exploits0References3
Redos
Redos
added 2024/07/29 12:0 a.m.28 views

ROS-20240729-11

A vulnerability in the Cargo package manager of the Rust programming language involves the injection of arbitrary HTML after including it in a report generated by Cargo. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code...

6.1CVSS7.9AI score0.00846EPSS
Exploits0
Redos
Redos
added 2024/07/29 12:0 a.m.26 views

ROS-20240729-09

Vulnerability in Cargo package manager of Rust programming language is related to ignoring umask when extracting archives created on UNIX-like systems. when retrieving archives created on UNIX-like systems. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute...

7.9CVSS7.6AI score0.00763EPSS
Exploits0
OSV
OSV
added 2024/06/15 12:0 a.m.13 views

OPENSUSE-SU-2024:11769-1 cargo1.58-1.58.0-2.1 on GA media

These are all security issues fixed in the cargo1.58-1.58.0-2.1 package on the GA media of openSUSE Tumbleweed...

7.3CVSS7.2AI score0.01376EPSS
Exploits1References1
OSV
OSV
added 2024/06/15 12:0 a.m.9 views

OPENSUSE-SU-2024:11359-1 cargo-1.54.0-1.2 on GA media

These are all security issues fixed in the cargo-1.54.0-1.2 package on the GA media of openSUSE Tumbleweed...

8.1CVSS7.9AI score0.53336EPSS
Exploits3References3
OSV
OSV
added 2024/06/15 12:0 a.m.11 views

OPENSUSE-SU-2024:11767-1 cargo1.56-1.56.1-4.1 on GA media

These are all security issues fixed in the cargo1.56-1.56.1-4.1 package on the GA media of openSUSE Tumbleweed...

7.3CVSS7.2AI score0.01376EPSS
Exploits1References1
Redos
Redos
added 2024/04/03 12:0 a.m.8 views

ROS-20240402-20

A vulnerability in the Cargo package manager of the Rust programming language is associated with incorrect verification of the of the cryptographic signature. Exploitation of the vulnerability could allow an attacker acting remotely, affect the integrity of protected information via SSH protocol...

5.9CVSS6.6AI score0.00649EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/03/21 12:0 a.m.27 views

Amazon Linux 2023 : cargo, clippy, rust (ALAS2023-2023-109)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-109 advisory. 2024-02-15: CVE-2022-36113 was added to this advisory. 2024-02-15: CVE-2022-36114 was added to this advisory. Cargo is a package manager for the rust programming language. After a package is...

8.1CVSS7.5AI score0.01041EPSS
Exploits0References8
BDU FSTEC
BDU FSTEC
added 2023/02/13 12:0 a.m.7 views

The vulnerability of the Cargo package manager in the Rust programming language, which allows attackers to compromise the integrity of the protected information

The vulnerability of the Cargo package manager in the Rust programming language is related to incorrect verification of the cryptographic signature. Exploiting this vulnerability allows a malicious actor to influence the integrity of the protected information via the SSH protocol...

5.4CVSS6AI score0.00649EPSS
Exploits0References5Affected Software4
OSV
OSV
added 2023/01/11 9:15 p.m.3 views

ALPINE-CVE-2022-46176

Cargo is a Rust package manager. The Rust Security Response WG was notified that Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. An attacker could exploit this to perform man-in-the-middle MITM attacks. This vulnerability has been assigned...

5.9CVSS5.4AI score0.00649EPSS
Exploits0References1
OSV
OSV
added 2022/09/14 12:0 a.m.32 views

CVE-2022-36114 Extracting malicious crates can fill the file system

Cargo is a package manager for the rust programming language. It was discovered that Cargo did not limit the amount of data extracted from compressed archives. An attacker could upload to an alternate registry a specially crafted package that extracts way more data than its size also known as a...

4.8CVSS7.2AI score0.00822EPSS
Exploits0References4
vulnersOsv
vulnersOsv
added 2021/02/17 12:0 p.m.6 views

atomic_cell (=0.1.0) potentially affected by CVE-2021-29937 via telemetry (=0.1.3)

telemetry CARGO version =0.1.3 is affected by a known vulnerability. The following packages have a transitive dependency on telemetry and may be impacted: - atomiccell =0.1.0 Source cves: CVE-2021-29937 Source advisory: OSV:RUSTSEC-2021-0046...

9.8CVSS7.2AI score0.01363EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2020/07/27 12:0 a.m.57 views

SUSE SLED15 / SLES15 Security Update : rust, rust-cbindgen (SUSE-SU-2020:2041-1)

"This update for rust, rust-cbindgen fixes the following issues : rust was updated for use by Firefox 76ESR. Fixed miscompilations with rustc 1.43 that lead to LTO failures bsc1173202 Update to version 1.43.1 Updated openssl-src to 1.1.1g for CVE-2020-1967. Fixed the stabilization of AVX-512...

7.5CVSS6.8AI score0.53336EPSS
Exploits2References10
OpenVAS
OpenVAS
added 2020/07/08 12:0 a.m.45 views

openSUSE: Security Advisory for rust, (openSUSE-SU-2020:0945-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS8AI score0.53336EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2020/07/07 12:0 a.m.35 views

openSUSE: Security Advisory for rust, (openSUSE-SU-2020:0933-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS8AI score0.53336EPSS
Exploits2References2
OSV
OSV
added 2019/09/30 10:15 p.m.7 views

DEBIAN-CVE-2019-16760

Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the package configuration key. Usage of the package key to rename dependencies in Cargo.toml is ignored in Rust 1.25.0 and prior. When Rust 1.25.0 and prior is used Cargo may download the wrong dependency,...

7.5CVSS6.3AI score0.0126EPSS
Exploits1References1
Rows per page
Query Builder