FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-19 20:48:44 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
ee26f513-826e-11ec-8be6-d4c9ef517024	Rust -- Race condition enabling symlink following The Rust Security Response WG was notified that the std::fs::remove_dir_all standard library function is vulnerable to a race condition enabling symlink following (CWE-363). An attacker could use this security issue to trick a privileged program into deleting files and directories the attacker couldn't otherwise access or delete. Discovery 2022-01-20 Entry 2022-01-31 Modified 2022-02-03 rust < 1.58.1 rust-nightly < 1.60.0.20220202 CVE-2022-21658 https://blog.rust-lang.org/2022/01/20/cve-2022-21658.html

VuXML ID

Description

ee26f513-826e-11ec-8be6-d4c9ef517024

Rust -- Race condition enabling symlink following

The Rust Security Response WG was notified that the std::fs::remove_dir_all standard library function is vulnerable to a race condition enabling symlink following (CWE-363). An attacker could use this security issue to trick a privileged program into deleting files and directories the attacker couldn't otherwise access or delete.

Discovery 2022-01-20
Entry 2022-01-31
Modified 2022-02-03
rust

< 1.58.1

rust-nightly

< 1.60.0.20220202

CVE-2022-21658
https://blog.rust-lang.org/2022/01/20/cve-2022-21658.html