rpm package
opensuse/rust-keylime&distro=openSUSE Leap 16.0
pkg:rpm/opensuse/rust-keylime&distro=openSUSE%20Leap%2016.0
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-25727 | — | < 0.2.8+116-160000.1.1 | 0.2.8+116-160000.1.1 | Feb 6, 2026 | time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used | ||
| CVE-2025-58266 | Med | 5.9 | < 0.2.8+116-160000.1.1 | 0.2.8+116-160000.1.1 | Sep 22, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fumiki Takahashi Gianism gianism allows Stored XSS.This issue affects Gianism: from n/a through <= 6.0.0. | |
| CVE-2025-55159 | Med | — | < 0.2.8+116-160000.1.1 | 0.2.8+116-160000.1.1 | Aug 11, 2025 | slab is a pre-allocated storage for a uniform data type. In version 0.4.10, the get_disjoint_mut method incorrectly checked if indices were within the slab's capacity instead of its length, allowing access to uninitialized memory. This could lead to undefined behavior or potentia |
- CVE-2026-25727Feb 6, 2026affected < 0.2.8+116-160000.1.1fixed 0.2.8+116-160000.1.1
time provides date and time handling in Rust. From 0.3.6 to before 0.3.47, when user-provided input is provided to any type that parses with the RFC 2822 format, a denial of service attack via stack exhaustion is possible. The attack relies on formally deprecated and rarely-used
- affected < 0.2.8+116-160000.1.1fixed 0.2.8+116-160000.1.1
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fumiki Takahashi Gianism gianism allows Stored XSS.This issue affects Gianism: from n/a through <= 6.0.0.
- affected < 0.2.8+116-160000.1.1fixed 0.2.8+116-160000.1.1
slab is a pre-allocated storage for a uniform data type. In version 0.4.10, the get_disjoint_mut method incorrectly checked if indices were within the slab's capacity instead of its length, allowing access to uninitialized memory. This could lead to undefined behavior or potentia