6.3 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
3.3 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P
Rust is vulnerable to directory traversal. The vulnerability exists due to a race condition which allows an attacker to access the file system of the application.
blog.rust-lang.org/2022/01/20/cve-2022-21658.html
github.com/rust-lang/rust/pull/93110
github.com/rust-lang/rust/pull/93110/commits/32ed6e599bb4722efefd78bbc9cd7ec4613cb946
github.com/rust-lang/rust/pull/93110/commits/406cc071d6cfdfdb678bf3d83d766851de95abaf
github.com/rust-lang/rust/pull/93110/commits/4f0ad1c92ca08da6e8dc17838070975762f59714
github.com/rust-lang/rust/security/advisories/GHSA-r9cc-f5pr-p3j2
lists.fedoraproject.org/archives/list/[email protected]/message/7JKZDTBMGAWIFJSNWKBMPO5EAKRR4BEW/
lists.fedoraproject.org/archives/list/[email protected]/message/BK32QZLHDC2OVLPKTUHNT2G3VHWHD4LX/
lists.fedoraproject.org/archives/list/[email protected]/message/C63NH72Q7UHJM5V3IVYRI7LVBGGFQMSQ/
lists.fedoraproject.org/archives/list/[email protected]/message/CKGTACKMKAPRDPWPTU26GYWBELIRFF5N/
security-tracker.debian.org/tracker/CVE-2022-21658
security.gentoo.org/glsa/202210-09
support.apple.com/kb/HT213182
support.apple.com/kb/HT213183
support.apple.com/kb/HT213186
support.apple.com/kb/HT213193
6.3 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
3.3 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:N/I:P/A:P