History: Jul 29, 2024 - 12:00 a.m.

ROS-20240729-11

2024-07-29 00:00:00
redos.red-soft.ru
5
vulnerability
cargo package manager
rust programming language
arbitrary html injection
remote execution
unix

CVSS3: 6.1

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: CHANGED
Confidentiality Impact: LOW
Integrity Impact: LOW
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

AI Score: 7.9
Confidence: Low

EPSS: 0.003
Percentile: 71.3%

A vulnerability in the Cargo package manager for the Rust programming language stems from arbitrary HTML being injected
into a report generated by Cargo. Exploitation of the vulnerability could allow a remote attacker
to execute arbitrary code.

| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| redos | 7.3 | x86_64 | rust | < 1.79.0-2 | UNKNOWN |
