10 matches found
SUSE-SU-2026:2466-1 Security update for azure-storage-azcopy
This update for azure-storage-azcopy fixes the following issues Update to 10.32.4: - CVE-2025-47907: database/sql: incorrect results returned from Rows.Scan bsc1247720. - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header...
Ubuntu 18.04 LTS / 20.04 LTS : Go Networking vulnerability (USN-8416-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8416-1 advisory. It was discovered that Go Networking incorrectly handled certain Punycode-encoded labels in the idna package. An attacker could possibly use this issu...
SUSE-SU-2026:20910-1 Security update for librsvg
This update for librsvg fixes the following issues: Update to version 2.60.2: - CVE-2024-12224: Fixed idna accepts Punycode labels that do not produce any non-ASCII when decoded bsc1243867. - CVE-2024-43806: Fixed memory explosion in rustix bsc1229950...
SUSE-SU-2026:0243-1 Security update for librsvg
This update for librsvg fixes the following issues: Update to version 2.57.4 - bsc1243867: + CVE-2024-12224: RUSTSEC-2024-0421 - idna accepts Punycode labels that do not produce any non-ASCII when decoded. + RUSTSEC-2024-0404 - Unsoundness in anstream...
openSUSE 16 Security Update : cargo-c (openSUSE-SU-2026:20060-1)
The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20060-1 advisory. - CVE-2025-4574: crossbeam-channel: Fixed double-free on drop in Channel::discardallmessages bsc1243179 - CVE-2025-58160: tracing-subscriber:...
bootstring (=0.1.0), deltachat_message_parser (>=0.3.0 <=0.14.1) +8 more potentially affected by unknown CVE via unic-idna-punycode (>=0.1.1 <=0.9.0)
unic-idna-punycode CARGO version =0.1.1, =0.3.0, =0.3.0, =0.2.4-beta, =0.3.0, =0.1.0, =0.1.0, =0.5.0, =0.7.0, =0.1.1, =0.9.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0088...
`unic-idna-punycode` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - idna...
RUSTSEC-2025-0088 `unic-idna-punycode` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - idna...
SUSE-SU-2025:20858-1 Security update for rust-keylime
This update for rust-keylime fixes the following issues: - CVE-2025-55159: slab: incorrect bounds check in getdisjointmut function can lead to undefined behavior or potential crash due to out-of-bounds access bsc1248006 - CVE-2025-3416: openssl: Use-After-Free in Md::fetch and Cipher::fetch in...
Libidn2 'decode_digit' function integer overflow vulnerability
Libidn2 is a package that implements string preprocessing, Punycode, and IDNA specification definitions through the IETF International Domain Name IDN. An integer overflow vulnerability exists in the 'decodedigit' function of the punydecode.c file in Libidn2 versions prior to 2.0.4. A remote...