Search CVE reports
11 – 14 of 14 results
Some fixes available 11 of 39
crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of `{i,u}64` was...
11 affected packages
rust-crossbeam-utils, rust-crossbeam-utils-0.7, firefox, mozjs38, librsvg...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| rust-crossbeam-utils | Not affected | Not affected | Vulnerable | Vulnerable | Not in release |
| rust-crossbeam-utils-0.7 | Not in release | Not in release | Vulnerable | Not in release | Not in release |
| firefox | Fixed | Fixed | Fixed | Not in release | Ignored |
| mozjs38 | Not in release | Not in release | Not in release | Not in release | Ignored |
| librsvg | Not affected | Not affected | Not affected | Not affected | Not affected |
| mozjs78 | Not in release | Not in release | Ignored | Not in release | Not in release |
| rustc | Not in release | Not affected | Fixed | Fixed | Not affected |
| thunderbird | Ignored | Ignored | Ignored | Not in release | Ignored |
| cargo | Not in release | Not in release | Not affected | Not affected | Not affected |
| mozjs52 | Not in release | Not in release | Not in release | Ignored | Ignored |
| mozjs68 | Not in release | Not in release | Not in release | Ignored | Not in release |
NULL Pointer Dereference in Homebrew mruby prior to 3.2.
5 affected packages
h2o, cargo, groonga, mruby, nghttp2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| h2o | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| cargo | Not in release | Not in release | Not affected | Not affected | Not affected |
| groonga | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| mruby | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| nghttp2 | Not affected | Not affected | Not affected | Not affected | Not affected |
mruby is vulnerable to NULL Pointer Dereference
5 affected packages
cargo, groonga, h2o, mruby, nghttp2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| cargo | Not in release | Not in release | Not affected | Not affected | Not affected |
| groonga | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| h2o | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| mruby | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
| nghttp2 | Not affected | Not affected | Not affected | Not affected | Not affected |
Cargo prior to Rust 1.26.0 may download the wrong dependency if your package.toml file uses the `package` configuration key. Usage of the `package` key to rename dependencies in `Cargo.toml` is ignored in Rust 1.25.0 and prior....
2 affected packages
cargo, rustc
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| cargo | — | — | — | — | Not affected |
| rustc | — | — | — | — | Not affected |