Lucene search
MitreCVELIST:CVE-2018-1000622HistoryJul 09, 2018 - 8:00 p.m.
CVE-2018-1000622
2018-07-0920:00:00
mitre
www.cve.org
6
The Rust Programming Language rustdoc version Between 0.8 and 1.27.0 contains a CWE-427: Uncontrolled Search Path Element vulnerability in rustdoc plugins that can result in local code execution as a different user. This attack appear to be exploitable via using the --plugin flag without the --plugin-path flag. This vulnerability appears to have been fixed in 1.27.1.
References
lists.opensuse.org/opensuse-security-announce/2019-09/msg00076.html
lists.opensuse.org/opensuse-security-announce/2019-10/msg00006.html
lists.opensuse.org/opensuse-security-announce/2019-10/msg00031.html
groups.google.com/forum/#%21topic/rustlang-security-announcements/4ybxYLTtXuM
security.gentoo.org/glsa/201812-11
Related
fedora
fedora
[SECURITY] Fedora 27 Update: rust-1.27.1-2.fc27
2018-07-20 16:59:54
[SECURITY] Fedora 28 Update: rust-1.29.1-2.fc28
2018-10-05 17:12:19
[SECURITY] Fedora 28 Update: rust-1.27.1-2.fc28
2018-07-20 17:46:10
nessus
nessus
Fedora 27 : rust (2018-f38d1cb219)
2018-07-24 00:00:00
openSUSE Security Update : rust (openSUSE-2018-1279)
2018-10-26 00:00:00
openSUSE Security Update : rust (openSUSE-2019-851)
2019-03-27 00:00:00
openvas
openvas
Fedora Update for rust FEDORA-2018-0071ad34f4
2018-10-06 00:00:00
Fedora Update for rust FEDORA-2018-f38d1cb219
2018-07-21 00:00:00
Mageia: Security Advisory (MGASA-2018-0318)
2022-01-28 00:00:00
prion
prion
Path traversal
2018-07-09 20:29:00
suse
suse
Security update for rust (moderate)
2018-10-25 18:21:31
Security update for rust (moderate)
2019-10-03 00:00:00
Security update for rust (moderate)
2019-10-08 00:00:00
redhatcve
redhatcve
CVE-2018-1000622
2020-04-07 21:05:32
ubuntucve
ubuntucve
CVE-2018-1000622
2018-07-09 00:00:00
debiancve
debiancve
CVE-2018-1000622
2018-07-09 20:29:00
nvd
nvd
CVE-2018-1000622
2018-07-09 20:29:00
mageia
mageia
Updated rust packages fix security vulnerability
2018-07-24 01:27:34
osv
osv
CVE-2018-1000622
2018-07-09 20:29:00
cargo1.53-1.53.0-2.5 on GA media
2024-06-15 00:00:00
cve
cve
CVE-2018-1000622
2018-07-09 20:29:00
gentoo
gentoo
Rust: Multiple vulnerabilities
2018-12-30 00:00:00