15 matches found
EUVD-2025-17308
Malicious code in bioql PyPI...
EUVD-2025-16945
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-5791
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than...
SUSE CVE-2025-5791
A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list...
Duplicate Advisory: users may append `root` to group listings
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-m65q-v92h-cm7q. This link is maintained to preserve external references. Original Description A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group...
GHSA-JQ8X-V7JW-V675 Duplicate Advisory: users may append `root` to group listings
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-m65q-v92h-cm7q. This link is maintained to preserve external references. Original Description A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group...
CVE-2025-5791
A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list...
CVE-2025-5791
A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list...
AZL-63848 CVE-2025-5791 affecting package kata-containers-cc for versions less than 3.2.0.azl2-7
A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list...
UBUNTU-CVE-2025-5791
A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list...
CVE-2025-5791 Users: `root` appended to group listings
A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list...
CVE-2025-5791 Users: `root` appended to group listings
A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list...
CVE-2025-5791
The CVE-2025-5791 entry concerns the Rust users crate with privilege escalation via incorrect group listing when a process has fewer than 1024 groups, which can incorrectly include the root group in the access list. Affected component: the user’s Rust crate (rust-users). Local/exploit path is ind...
Security Bulletin: IBM InfoSphere Information Server Low Level Authenticated User Can View Higher Level User And Group Listing (CVE-2022-36772)
Summary A vulnerability in IBM InfoSphere Information Server allowed lower level authenticated user to view other users and groups list. The scope of the vulnerability was limited in nature. The flaw gave such users VIEW access only. This vulnerabity was addressed. Vulnerability Details...
"Allowed review participants" isn't restricting the scope for groups
h3. Summary The "Allowed review participants" option in the project settings isn't restricting the scope for groups when searching for reviewers to be added to a review, therefore all the groups are listed, even the ones not included as allowed groups. h3. Environment Tested on Crucible 4.2.0 h3...