6 matches found
openSUSE: Security Advisory for rust1.62 (SUSE-SU-2022:3451-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE: Security Advisory (SUSE-SU-2022:3451-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
armory_cli (>=0.3.3 <=0.3.28), armory_lib (>=0.1.0 <=0.3.28) +133 more potentially affected by CVE-2022-36113 via cargo (>=0.10.0 <=0.64.0)
cargo CARGO version =0.10.0, =0.3.3, =0.1.0, =0.10.0, =0.10.0, =0.1.0, =0.3.1, =0.0.1, =0.1.0, =0.1.0, =0.2.2, =0.6.0, =0.1.0, =0.1.1, =1.1.0 and more Source cves: CVE-2022-36113 Source advisory: OSV:GHSA-RFJ2-Q3H3-HM5J...
DEBIAN-CVE-2022-36113
Cargo is a package manager for the rust programming language. After a package is downloaded, Cargo extracts its source code in the /.cargo folder on disk, making it available to the Rust projects it builds. To record when an extraction is successful, Cargo writes "ok" to the .cargo-ok file at the...
CVE-2022-36113 Extracting malicious crates can corrupt arbitrary files
Cargo is a package manager for the rust programming language. After a package is downloaded, Cargo extracts its source code in the /.cargo folder on disk, making it available to the Rust projects it builds. To record when an extraction is successful, Cargo writes "ok" to the .cargo-ok file at the...
CVE-2022-36113
Cargo vulnerability (CVE-2022-36113): Cargo would extract packages into ~/.cargo and mark success with a .cargo-ok file. A malicious package could include a .cargo-ok symlink; when Cargo wrote ok, it would overwrite the first two bytes of the symlink target, enabling corruption of a single file o...