16 matches found
SUSE SLED15 / SLES15 Security Update : himmelblau (SUSE-SU-2026:1361-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1361-1 advisory. Update to version 2.3.9+git0.a9fd29b; jscPED-14511: - CVE-2026-34397: Fix LPE due to name collision during NSS...
SUSE-SU-2026:1361-1 Security update for himmelblau
This update for himmelblau fixes the following issues: Update to version 2.3.9+git0.a9fd29b; jscPED-14511: - CVE-2026-34397: Fix LPE due to name collision during NSS fake-primary group lookup bsc1261324. - CVE-2026-31979: Fix race condition when accessing /tmp/krb5ccuid bsc1259548. -...
openSUSE 16 Security Update : himmelblau (openSUSE-SU-2025-20114-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025-20114-1 advisory. - Update to version 0.9.23+git.0.9776141: CVE-2025-59044: Fixed GID collision of same-name groups allowing privilege escalation bsc1250687...
SUSE-SU-2025:21158-1 Security update for himmelblau
This update for himmelblau fixes the following issues: - Update to version 0.9.23+git.0.9776141: CVE-2025-59044: Fixed GID collision of same-name groups allowing privilege escalation bsc1250687 depsrust: bump the all-cargo-updates group CVE-2025-58160: tracing-subscriber: Fixed log pollution...
Fedora 44 : glycin / rust-ashpd / rust-ashpd0.11 / rust-glycin / etc (2025-bb172624a9)
The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-bb172624a9 advisory. Update glycin to version 2.0.rc. This update also includes a bunch of related Rust dependency updates for GNOME 49.rc. Additionally, CVE-2025-58160 is...
TencentOS Server 4: rust (TSSA-2024:0635)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0635 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
Fedora 38 : clamav (2024-92b8ac25a5)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-92b8ac25a5 advisory. ClamAV 1.0.6 is a critical patch release with the following fixes: Updated select Rust dependencies to the latest versions. This resolved Cargo audit...
Fedora 39 : clamav (2024-1a79c2ef63)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-1a79c2ef63 advisory. ClamAV 1.0.6 is a critical patch release with the following fixes: Updated select Rust dependencies to the latest versions. This resolved Cargo audit...
BrewStillery (>=1.0.0 <=6.2.0), Druid_task1 (=0.1.0) +307 more potentially affected by unknown CVE via gdk (>=0.12.1 <=0.8.0)
gdk CARGO version =0.12.1, =1.0.0, =0.13.2, =1.0.0, =0.2.0, =0.1.0, =0.1.2, =0.1.0, =0.21.0, =0.30.1 - avr-vm =0.1.0 - awl =0.0.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2024-0412...
RustProject (=0.1.0), SOEM-sys (=0.2.0) +2134 more potentially affected by CVE-2024-58266 via shlex (>=0.1.1 <=1.1.0)
shlex CARGO version =0.1.1, =0.1.0, =0.1.0, =0.0.9, =0.0.13 - aigcapi =5.1.2 - aigcchain =5.1.2 - aigcconfig =5.1.2 and more Source cves: CVE-2024-58266 Source advisory: OSV:RUSTSEC-2024-0006...
IMAPServer (=0.1.0), actson (>=0.2.0 <=0.3.0) +477 more potentially affected by unknown CVE via lexical (>=2.2.4 <=6.1.1)
lexical CARGO version =2.2.4, =0.2.0, =0.1.0, =0.8.0, =0.1.0, =0.11.0, =0.2.0, =0.1.0, =0.6.0, =0.6.0, =0.6.0, =0.4.0, =0.6.0, =0.15.3 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2023-0055...
CVE-2022-36114 Extracting malicious crates can fill the file system
Cargo is a package manager for the Rust programming language. It was discovered that Cargo did not limit the amount of data extracted from compressed archives. An attacker could upload to an alternate registry a specially crafted package that extracts way more data than its size also known as a...
AskAI (=0.1.0), arrow-flight (>=4.0.0 <=6.4.0) +164 more potentially affected by CVE-2021-21299 via hyper (>=0.14.11 <=0.14.29)
hyper CARGO version =0.14.11, =4.0.0, =0.2.1, =2.2.0, =0.1.0, =0.9.3, =0.11.1, =0.1.0, =0.2.1, =0.2.0, =0.3.1 and more Source cves: CVE-2021-21299 Source advisory: OSV:RUSTSEC-2021-0020...
AskAI (=0.1.0), Boa (>=0.1.4 <=0.1.5) +7095 more potentially affected by CVE-2020-26235 via time (>=0.1.25 <=0.1.45)
time CARGO version =0.1.25, =0.1.4, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.1 - ablavema =0.4.2 - abra =0.0.1 and more Source cves: CVE-2020-26235 Source advisory: OSV:RUSTSEC-2020-0071...
HiddenBytes (=0.1.0), Rust-wasm (=0.1.0) +726 more potentially affected by CVE-2020-35916 via image (>=0.10.4 <=0.23.10)
image CARGO version =0.10.4, =0.1.0, =0.1.0, =0.0.3, =0.1.0, =1.0.0, =0.1.0, =0.1.0, =0.1.5, =0.1.0, =0.1.0, =0.1.0, =0.3.0 and more Source cves: CVE-2020-35916 Source advisory: OSV:RUSTSEC-2020-0073...
HPGO (=0.9.2), IMAPServer (=0.1.0) +2571 more potentially affected by unknown CVE via term (>=0.1.13 <=0.6.1)
term CARGO version =0.1.13, =0.1.0, =0.4.1, =0.2.1, =0.0.1, =0.2.1, =0.1.4, =2.1.0, =0.6.0, =0.19.0 - adivon =0.2.6 - admiral =0.1.0 - admiral-derive =0.1.0 - admiral-types =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2018-0015...