Medium: rust-below

Issue Overview: tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As part of CVE-2025-62518, the astral-tokio-tar project was changed to correctly honor PAX size...

Low: rust-below

Issue Overview: time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used...

[SECURITY] Fedora 42 Update: rust-below-0.9.0-6.fc42

below is an interactive tool to view and record historical system data. It has support for: - information regarding hardware resource utilization - viewing the cgroup hierarchy - cgroup and process information - pressure stall information PSI - record mode to record system data - replay mode to...

[SECURITY] Fedora 43 Update: rust-below-0.9.0-6.fc43

below is an interactive tool to view and record historical system data. It has support for: - information regarding hardware resource utilization - viewing the cgroup hierarchy - cgroup and process information - pressure stall information PSI - record mode to record system data - replay mode to...

AZL-61830 CVE-2025-4574 affecting package rust for versions less than 1.75.0-16

In crossbeam-channel rust crate, the internal Channel type's Drop method has a race condition which could, in some circumstances, lead to a double-free that could result in memory corruption...

Fedora: Security Advisory (FEDORA-2023-d88521bfc5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AZL-31496 CVE-2023-45853 affecting package rust for versions less than 1.72.0-5

MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an...

Fedora: Security Advisory for rust-below (FEDORA-2023-37ae269843)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 37 Update: rust-below-0.6.3-4.fc37

below is an interactive tool to view and record historical system data. It has support for: - information regarding hardware resource utilization - viewing the cgroup hierarchy - cgroup and process information - pressure stall information PSI - record mode to record system data - replay mode to...

[SECURITY] Fedora 38 Update: rust-below-0.6.3-4.fc38

below is an interactive tool to view and record historical system data. It has support for: - information regarding hardware resource utilization - viewing the cgroup hierarchy - cgroup and process information - pressure stall information PSI - record mode to record system data - replay mode to...

AZL-26409 CVE-2023-29932 affecting package rust for versions less than 1.72.0-2

llvm-project commit fdbc55a5 was discovered to contain a segmentation fault via the component mlir::IROperandmlir::OpOperand...

AZL-26694 CVE-2023-29942 affecting package rust for versions less than 1.72.0-1

llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::Type::isamlir::LLVM::LLVMVoidType...

AZL-41051 CVE-2022-32213 affecting package rust for versions less than 1.75.0-1

The llhttp parser v14.20.1, v16.17.1 and v18.9.1 in the http module in Node.js does not correctly parse and validate Transfer-Encoding headers and can lead to HTTP Request Smuggling HRS...

[SECURITY] Fedora 34 Update: rust-below-0.4.1-3.fc34

below is an interactive tool to view and record historical system data. It has support for: - information regarding hardware resource utilization - viewing the cgroup hierarchy - cgroup and process information - pressure stall information PSI - record mode to record system data - replay mode to...

Fedora: Security Advisory for rust-below (FEDORA-2022-7ec8bda833)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for rust-below (FEDORA-2022-c4071e3dc7)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...