rpm package
suse/rust&distro=SUSE Linux Enterprise Module for Development Tools 15
pkg:rpm/suse/rust&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-12083 | Hig | 8.1 | < 1.36.0-3.21.1 | 1.36.0-3.21.1 | May 13, 2019 | The Rust Programming Language Standard Library 1.34.x before 1.34.2 contains a stabilized method which, if overridden, can violate Rust's safety guarantees and cause memory unsafety. If the `Error::type_id` method is overridden then any type can be safely cast to any other type, | |
| CVE-2018-1000622 | Hig | 7.8 | < 1.31.1-3.9.2 | 1.31.1-3.9.2 | Jul 9, 2018 | The Rust Programming Language rustdoc version Between 0.8 and 1.27.0 contains a CWE-427: Uncontrolled Search Path Element vulnerability in rustdoc plugins that can result in local code execution as a different user. This attack appear to be exploitable via using the --plugin flag |
- affected < 1.36.0-3.21.1fixed 1.36.0-3.21.1
The Rust Programming Language Standard Library 1.34.x before 1.34.2 contains a stabilized method which, if overridden, can violate Rust's safety guarantees and cause memory unsafety. If the `Error::type_id` method is overridden then any type can be safely cast to any other type,
- affected < 1.31.1-3.9.2fixed 1.31.1-3.9.2
The Rust Programming Language rustdoc version Between 0.8 and 1.27.0 contains a CWE-427: Uncontrolled Search Path Element vulnerability in rustdoc plugins that can result in local code execution as a different user. This attack appear to be exploitable via using the --plugin flag