Astra Linux - уязвимость в rustc

crossbeam-utils provides atomic operations, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. Prior to version 0.8.7, crossbeam-utils incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u...

Astra Linux - уязвимость в firefox

Crossbeam-deque is a set of work-stealing deques for building task schedulers in Rust programming. In versions prior to 0.7.4 and 0.8.0, the race condition resulted in one or more tasks in the worker queue being popped twice, instead of other tasks that were forgotten and never popped. If tasks a...

openSUSE 16 Security Update : cargo-c (openSUSE-SU-2026:20060-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20060-1 advisory. - CVE-2025-4574: crossbeam-channel: Fixed double-free on drop in Channel::discardallmessages bsc1243179 - CVE-2025-58160: tracing-subscriber:...

Azure Linux 3.0 Security Update: librsvg2 (CVE-2022-23639)

The version of librsvg2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-23639 advisory. - crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for...

MiracleLinux 8 : firefox-91.2.0-4.el8.ML.1 (AXSA:2021-2461:28)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2461:28 advisory. Mozilla: Use-after-free in MessageTask CVE-2021-38496 Mozilla: Memory safety bugs fixed in Firefox 93, Firefox ESR 78.15, and Firefox ESR 91.2...

SUSE-SU-2026:20096-1 Security update for cargo-c

This update for cargo-c fixes the following issues: - CVE-2025-4574: crossbeam-channel: Fixed double-free on drop in Channel::discardallmessages bsc1243179 - CVE-2025-58160: tracing-subscriber: Fixed log pollution bsc1249012 - CVE-2024-12224: idna: Fixed improper validation of Punycode labels...

TencentOS Server 4: kata-containers (TSSA-2025:0424)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0424 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

Security Bulletin: IBM Edge Data Collector uses crossbeam-channel-0.5.14.crate which is vulnerable to CVE-2025-4574.

Summary IBM Edge Data Collector uses crossbeam-channel-0.5.14.crate which is vulnerable to CVE-2025-4574. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2025-4574 DESCRIPTION: In crossbeam-channel rust crate, the internal Channel type's...

EUVD-2021-1883

Malware in sbrugna...

EUVD-2021-1671

Malware in sbrugna...

EUVD-2021-1794

Malware in sbrugna...

EUVD-2021-1828

Malware in sbrugna...

EUVD-2025-29421

Malicious code in bioql PyPI...

EUVD-2025-10692

Malicious code in bioql PyPI...

EUVD-2022-1149

Malicious code in bioql PyPI...

Undefined Behavior in bounded Crossbeam channel

...

Linux Distros Unpatched Vulnerability : CVE-2018-20996

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the crossbeam crate before 0.4.1 for Rust. There is a double free because of destructor mishandling. CVE-2018-20996 Note that Nessus...

Linux Distros Unpatched Vulnerability : CVE-2020-35904

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the crossbeam-channel crate before 0.4.4 for Rust. It has incorrect expectations about the relationship between the memory allocation...

Linux Distros Unpatched Vulnerability : CVE-2025-4574

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In crossbeam-channel rust crate, the internal Channel type's Drop method has a race condition which could, in some circumstances, lead to a double-free that cou...

Fedora 43 : python-watchfiles (2025-165ec5fe3b)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-165ec5fe3b advisory. Automatic update for python-watchfiles-1.0.5-3.fc43. Changelog Thu May 15 2025 Benjamin A. Beasley - 1.0.5-3 - Security fix for CVE-2025-4574 fix RHBZ2366569...