pkg:Alpine/rust

所有已知漏洞

• CRITICAL9.8CVE-2021-31162In the standard library in Rust before 1.52.0, a double free can occur in the Vec::from_iter function if freeing the element panics.
  from 0, < 1.51.0-r2
• CRITICAL9.1CVE-2021-29922library/std/src/net/parser.rs in Rust before 1.53.0 does not properly consider extraneous zero characters at the beginning of an IP address…
  from 0, < 1.52.1-r1
• HIGH8.3CVE-2021-42574An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0.
  from 0, < 1.56.1-r0
• HIGH8.2CVE-2020-36323In the standard library in Rust before 1.52.0, there is an optimization for joining strings that can cause uninitialized bytes to be expose…
  from 0, < 1.51.0-r2
• HIGH8.1CVE-2019-12083The Rust Programming Language Standard Library 1.34.x before 1.34.2 contains a stabilized method which, if overridden, can violate Rust's s…
  from 0, < 1.34.2-r0
• HIGH7.9CVE-2023-38497Cargo not respecting umask when extracting crate archives
  from 0, < 1.71.1-r0
• HIGH7.5CVE-2019-16760Cargo prior to Rust 1.26.0 may download the wrong dependency
  from 0, < 1.26.0-r0
• MEDIUM6.5CVE-2026-5222Cargo between 1.68 and 1.96 incorrectly normalized the URLs of third-party registries using the sparse index protocol.
  from 0, < 1.91.1-r2
• MEDIUM6.5CVE-2026-33056tar-rs `unpack_in` can chmod arbitrary directories by following symlinks
  from 0, < 1.78.0-r1
• MEDIUM5.3CVE-2026-5223Cargo incorrectly handled symlinks inside of crate tarballs downloaded from third-party registries, allowing a malicious crate to override…
  from 0, < 1.91.1-r2
• MEDIUM5.3CVE-2022-46176Cargo did not verify SSH host keys
  from 0, < 1.66.1-r0