Rocky Linux 8 : rust-toolset:rhel8 (RLSA-2022:1894)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:1894 advisory. - Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG...

Amazon Linux 2 : rust (ALAS-2022-1817)

The version of rust installed on the remote host is prior to 1.61.0-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1817 advisory. A race condition flaw was found in Rust's std::fs::removedirall function. Rust applications that use this function may be vulnerable ...

Oracle Linux 8 : rust-toolset:ol8 (ELSA-2022-1894)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-1894 advisory. - Update to 1.52.1. Includes security fixes for CVE-2020-36323, CVE-2021-28876, CVE-2021-28878, CVE-2021-28879, and CVE-2021-31162. - Update to 1.51.0. Update t...

SUSE SLED15 / SLES15 Security Update : rust, rust1.58, rust1.59 (SUSE-SU-2022:0843-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:0843-1 advisory. - Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe...

openSUSE 15 Security Update : rust (openSUSE-SU-2022:0491-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:0491-1 advisory. - Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security...

SUSE SLES15 Security Update : rust (SUSE-SU-2022:0491-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:0491-1 advisory. - Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust...

SUSE SLES15 Security Update : rust (SUSE-SU-2022:0200-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:0200-1 advisory. - Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust...

Race condition

Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the std::fs::removedirall standard library function is vulnerable a race condition enabling symlink following CWE-363. A...

CVE-2022-21658

Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the std::fs::removedirall standard library function is vulnerable a race condition enabling symlink following CWE-363. A...

Rust -- Race condition enabling symlink following

The Rust Security Response WG was notified that the std::fs::removedirall standard library function is vulnerable to a race condition enabling symlink following CWE-363. An attacker could use this security issue to trick a privileged program into deleting files and directories the attacker couldn...

CVE-2022-21658 Race condition in std::fs::remove_dir_all in rustlang

Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the std::fs::removedirall standard library function is vulnerable a race condition enabling symlink following CWE-363. A...

CVE-2022-21658

CVE-2022-21658 affects Rust’s std::fs::remove_dir_all, due to a race condition (CWE-363) that could allow an attacker to trick a privileged process into deleting files/directories outside the target. Affected Rust releases: 1.0.0–1.58.0; patch released in 1.58.1. Impact can be significant for pri...

CVE-2022-21658

Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the std::fs::removedirall standard library function is vulnerable a race condition enabling symlink following CWE-363. A...