156 matches found
openSUSE 15 Security Update : rust1.55 (openSUSE-SU-2022:0171-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:0171-1 advisory. - Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security...
SUSE SLED15 / SLES15 Security Update : rust1.56 (SUSE-SU-2022:0149-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:0149-1 advisory. - CVE-2022-21658: Fixed race condition in std::fs::removedirall bsc1194767. Tenable has extracted the preceding...
openSUSE 15 Security Update : rust1.56 (openSUSE-SU-2022:0149-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2022:0149-1 advisory. - Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security...
CVE-2022-21658
Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the std::fs::removedirall standard library function is vulnerable a race condition enabling symlink following CWE-363. A...
CVE-2022-21658
Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the std::fs::removedirall standard library function is vulnerable a race condition enabling symlink following CWE-363. A...
CVE-2022-21658 Race condition in std::fs::remove_dir_all in rustlang
Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the std::fs::removedirall standard library function is vulnerable a race condition enabling symlink following CWE-363. A...
Moderate: Red Hat Security Advisory: rust-toolset:rhel8 security update
An update for the rust-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Mozilla Rust Memory Corruption Vulnerability (CNVD-2021-78746)
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. a memory corruption vulnerability exists in Mozilla Rust, which stems from Rust's scottqueue crate. for Queue there is an unconditional send and sync implementation, which can be exploited by an attacker to caus...
Mozilla Rust Buffer Overflow Vulnerability (CNVD-2021-85300)
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. Mozilla Rust is vulnerable to a buffer overflow vulnerability that can be exploited by attackers to cause errors in data contention in concurrent programs...
Mozilla Rust Memory Corruption Vulnerability (CNVD-2021-71651)
A security vulnerability exists in Rust, a general-purpose, compiled programming language from the Mozilla Foundation. The vulnerability stems from the fact that programs send features or synchronize features without bounds, so data contention and memory corruption can occur. No details of the...
Low: Red Hat Security Advisory: rust-toolset-1.49 and rust-toolset-1.49-rust update
New rust-toolset-1.49 packages are now available as a part of Red Hat Developer Tools for Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
RLSA-2021:1935 Low: rust-toolset:rhel8 security, bug fix, and enhancement update
Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety. The following packages have been upgraded to a later upstream version: rust 1.49.0. BZ1896712 Security Fixes: rust: use-after-free or double free in VecDeque::makecontiguous...
Unspecified Vulnerability in Rust (CNVD-2021-38316)
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust rkyv crate versions prior to 0.6.0, which stems from the fact that when an archive is created via serialization, the contents of the archive may contain uninitialized valu...
Mozilla Rust Competitive Conditions Issue Vulnerability
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A contention condition issue vulnerability exists in the standard library in versions of Rust prior to 1.19.0, which stems from a synchronization issue with MutexGuard objects that allows memory safety issues to...
Mozilla Rust Formatting String Error Vulnerability
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A format string error vulnerability exists in the standard library in versions of Rust prior to 1.52.0, which stems from the fact that if the length of a borrowed string is changed after checking it, it could...
Rust Resource Management Error Vulnerability (CNVD-2021-33044)
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in the standard library in versions of Rust prior to 1.53.0, which stems from a double release that occurs in the Vec::fromiter function. No details of the...
Rust buffer overflow vulnerability (CNVD-2021-33048)
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in the Rust standard library prior to version 1.51.0, which stems from an unmet security requirement for the TrustedRandomAccess feature, an error that could result in a...
Rust Resource Management Error Vulnerability (CNVD-2021-38320)
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in rocket crate for Rust prior to version 0.4.7, which stems from the fact that if a user-supplied function appears to be panic, the uri::Formatter can be...
Rust Resource Management Error Vulnerability (CNVD-2021-30582)
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A resource management error vulnerability exists in endiantrait crate for Rust 2021-01-04 and earlier versions, which stems from an error that can occur when a user-supplied endian impl occurs panic. No detailed...
Rust Buffer Overflow Vulnerability (CNVD-2021-31914)
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A buffer overflow vulnerability exists in the Rust standard library prior to version 1.2.0, which stems from the binary heap being in a failure to agree state when comparing generic elements of sift up or...