65 matches found
GHSA-9857-6MW7-FQ2M vulnerabilities
Vulnerabilities for packages: cargo-audit, cargo-c...
GHSA-3PV8-6F4R-FFG2 vulnerabilities
Vulnerabilities for packages: wasm-pack, litmus, cleave, cargo-c, sccache, qdrant, rustup, zizmor, rye, deno, buck2, wasmcloud...
GHSA-3PV8-6F4R-FFG2 vulnerabilities
Vulnerabilities for packages: sccache, bootc, wasm-pack, rustup, cleave, deno, rye, buck2, litmus, qdrant, typst, fnm, zizmor, cargo-c, wasmcloud...
GHSA-9857-6MW7-FQ2M vulnerabilities
Vulnerabilities for packages: cargo-audit, cargo-c...
GHSA-CQ8V-F236-94QC vulnerabilities
Vulnerabilities for packages: yazi, rustup, pixi, yara-x, linkerd2-proxy, atuin, kdash, cargo-audit, buck2, wizer, ntpd-rs, fish, zola, vector, shadowsocks-rust, py3-xet-core, linkerd-network-validator, netavark, just, rav1e, berg, mdbook, ruff, samply, zizmor, efs-utils, linkerd2, sccache,...
GHSA-CQ8V-F236-94QC vulnerabilities
Vulnerabilities for packages: ruff, wasmtime, wadm, berg, sdp-k8s-injector, deno, jujutsu, sqlx, buck2, cargo-audit, komodo, starship, lychee, parseable, worktrunk, efs-utils, mountpoint-s3, yara-x, sccache, sentry-cli, hurl, chaos-tproxy, mdbook, zellij, nushell, py3-xet-core, rye,...
Ubuntu 25.10 : cargo-c vulnerability (USN-8139-1)
The remote Ubuntu 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8139-1 advisory. It was discovered that tar-rs embedded in cargo-c incorrectly handled symlinks when unpacking a tar archive. If a user or automated system were tricked into processin...
Ubuntu: Security Advisory (USN-8139-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-8139-1: cargo-c vulnerability
It was discovered that tar-rs embedded in cargo-c incorrectly handled symlinks when unpacking a tar archive. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could use this issue to modify permissions of arbitrary directories outside th...
PT-2026-29964
It was discovered that tar-rs embedded in cargo-c incorrectly handled symlinks when unpacking a tar archive. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could use this issue to modify permissions of arbitrary directories outside th...
Fedora: Security Advisory (FEDORA-2026-82783c3c1d)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2026-7624cdcfb6)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 42 Update: rust-cargo-c-0.10.19-2.fc42
Helper program to build and install c-like libraries...
[SECURITY] Fedora 43 Update: rust-cargo-c-0.10.19-2.fc43
Helper program to build and install c-like libraries...
[SECURITY] Fedora 44 Update: rust-cargo-c-0.10.19-2.fc44
Helper program to build and install c-like libraries...
Fedora 42 : rust-cargo-c (2026-82783c3c1d)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-82783c3c1d advisory. Rebuilt with rust-tar 0.4.45 for CVE-2026-33056 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
Fedora 43 : rust-cargo-c (2026-7624cdcfb6)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-7624cdcfb6 advisory. Rebuilt with rust-tar 0.4.45 for CVE-2026-33056 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
Fedora 44 : rust-cargo-c (2026-ad73d6fafe)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-ad73d6fafe advisory. Rebuilt with rust-tar 0.4.45 for CVE-2026-33056 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
CVE-2026-0810 vulnerabilities
Vulnerabilities for packages: starship, cargo-c...
cargo-c-0.10.15-2.1 on GA media (moderate)
cargo-c-0.10.15-2.1 on GA media Announcement ID: openSUSE-SU-2026:10185-1 Rating: moderate Cross-References: CVE-2026-25727 CVSS scores: CVE-2026-25727 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-25727 SUSE : 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N...