opensuse-su-2022:0843-1
Vulnerability from csaf_opensuse
Published
2022-03-15 10:33
Modified
2022-03-15 10:33
Summary
Security update for rust, rust1.58, rust1.59
Notes
Title of the patch
Security update for rust, rust1.58, rust1.59
Description of the patch
This update for rust, rust1.58, rust1.59 fixes the following issues:
This update provides both rust1.58 and rust1.59.
Changes in rust1.58:
- Add recommends for GCC for installs to be able to link.
- Add suggests for lld/clang which are faster than gcc for linking to
allow users choice on what they use.
- CVE-2022-21658: Resolve race condition in std::fs::remove_dir_all (bsc#1194767)
Version 1.58.0 (2022-01-13)
==========================
Language
--------
- [Format strings can now capture arguments simply by writing `{ident}` in the string.][90473] This works in all macros accepting format strings. Support for this in `panic!` (`panic!('{ident}')`) requires the 2021 edition; panic invocations in previous editions that appear to be trying to use this will result in a warning lint about not having the intended effect.
- [`*const T` pointers can now be dereferenced in const contexts.][89551]
- [The rules for when a generic struct implements `Unsize` have been relaxed.][90417]
Compiler
--------
- [Add LLVM CFI support to the Rust compiler][89652]
- [Stabilize -Z strip as -C strip][90058]. Note that while release builds already don't add debug symbols for the code you compile, the compiled standard library that ships with Rust includes debug symbols, so you may want to use the `strip` option to remove these symbols to produce smaller release binaries. Note that this release only includes support in rustc, not directly in cargo.
- [Add support for LLVM coverage mapping format versions 5 and 6][91207]
- [Emit LLVM optimization remarks when enabled with `-Cremark`][90833]
- [Update the minimum external LLVM to 12][90175]
- [Add `x86_64-unknown-none` at Tier 3*][89062]
- [Build musl dist artifacts with debuginfo enabled][90733]. When building release binaries using musl, you may want to use the newly stabilized strip option to remove these debug symbols, reducing the size of your binaries.
- [Don't abort compilation after giving a lint error][87337]
- [Error messages point at the source of trait bound obligations in more places][89580]
\* Refer to Rust's [platform support page][platform-support-doc] for more
information on Rust's tiered platform support.
Libraries
---------
- [All remaining functions in the standard library have `#[must_use]` annotations where appropriate][89692], producing a warning when ignoring their return value. This helps catch mistakes such as expecting a function to mutate a value in place rather than return a new value.
- [Paths are automatically canonicalized on Windows for operations that support it][89174]
- [Re-enable debug checks for `copy` and `copy_nonoverlapping`][90041]
- [Implement `RefUnwindSafe` for `Rc<T>`][87467]
- [Make RSplit<T, P>: Clone not require T: Clone][90117]
- [Implement `Termination` for `Result<Infallible, E>`][88601]. This allows writing `fn main() -> Result<Infallible, ErrorType>`, for a program whose successful exits never involve returning from `main` (for instance, a program that calls `exit`, or that uses `exec` to run another program).
Stabilized APIs
---------------
- [`Metadata::is_symlink`]
- [`Path::is_symlink`]
- [`{integer}::saturating_div`]
- [`Option::unwrap_unchecked`]
- [`Result::unwrap_unchecked`]
- [`Result::unwrap_err_unchecked`]
- [`NonZero{unsigned}::is_power_of_two`]
- [`File::options`]
These APIs are now usable in const contexts:
- [`Duration::new`]
- [`Duration::checked_add`]
- [`Duration::saturating_add`]
- [`Duration::checked_sub`]
- [`Duration::saturating_sub`]
- [`Duration::checked_mul`]
- [`Duration::saturating_mul`]
- [`Duration::checked_div`]
- [`MaybeUninit::as_ptr`]
- [`MaybeUninit::as_mut_ptr`]
- [`MaybeUninit::assume_init`]
- [`MaybeUninit::assume_init_ref`]
Cargo
-----
- [Add --message-format for install command][cargo/10107]
- [Warn when alias shadows external subcommand][cargo/10082]
Rustdoc
-------
- [Show all Deref implementations recursively in rustdoc][90183]
- [Use computed visibility in rustdoc][88447]
Compatibility Notes
-------------------
- [Try all stable method candidates first before trying unstable ones][90329]. This change ensures that adding new nightly-only methods to the Rust standard library will not break code invoking methods of the same name from traits outside the standard library.
- Windows: [`std::process::Command` will no longer search the current directory for executables.][87704]
- [All proc-macro backward-compatibility lints are now deny-by-default.][88041]
- [proc_macro: Append .0 to unsuffixed float if it would otherwise become int token][90297]
- [Refactor weak symbols in std::sys::unix][90846]. This optimizes accesses to glibc functions, by avoiding the use of dlopen. This does not increase the [minimum expected version of glibc](https://doc.rust-lang.org/nightly/rustc/platform-support.html). However, software distributions that use symbol versions to detect library dependencies, and which take weak symbols into account in that analysis, may detect rust binaries as requiring newer versions of glibc.
- [rustdoc now rejects some unexpected semicolons in doctests][91026]
Version 1.59.0 (2022-02-24)
==========================
Language
--------
- [Stabilize default arguments for const generics][90207]
- [Stabilize destructuring assignment][90521]
- [Relax private in public lint on generic bounds and where clauses of trait impls][90586]
- [Stabilize asm! and global_asm! for x86, x86_64, ARM, Aarch64, and RISC-V][91728]
Compiler
--------
- [Stabilize new symbol mangling format, leaving it opt-in (-Csymbol-mangling-version=v0)][90128]
- [Emit LLVM optimization remarks when enabled with `-Cremark`][90833]
- [Fix sparc64 ABI for aggregates with floating point members][91003]
- [Warn when a `#[test]`-like built-in attribute macro is present multiple times.][91172]
- [Add support for riscv64gc-unknown-freebsd][91284]
- [Stabilize `-Z emit-future-incompat` as `--json future-incompat`][91535]
Libraries
---------
- [Remove unnecessary bounds for some Hash{Map,Set} methods][91593]
Stabilized APIs
---------------
- [`std::thread::available_parallelism`][available_parallelism]
- [`Result::copied`][result-copied]
- [`Result::cloned`][result-cloned]
- [`arch::asm!`][asm]
- [`arch::global_asm!`][global_asm]
- [`ops::ControlFlow::is_break`][is_break]
- [`ops::ControlFlow::is_continue`][is_continue]
- [`TryFrom<char> for u8`][try_from_char_u8]
- [`char::TryFromCharError`][try_from_char_err]
implementing `Clone`, `Debug`, `Display`, `PartialEq`, `Copy`, `Eq`, `Error`
- [`iter::zip`][zip]
- [`NonZeroU8::is_power_of_two`][is_power_of_two8]
- [`NonZeroU16::is_power_of_two`][is_power_of_two16]
- [`NonZeroU32::is_power_of_two`][is_power_of_two32]
- [`NonZeroU64::is_power_of_two`][is_power_of_two64]
- [`NonZeroU128::is_power_of_two`][is_power_of_two128]
- [`DoubleEndedIterator for ToLowercase`][lowercase]
- [`DoubleEndedIterator for ToUppercase`][uppercase]
- [`TryFrom<&mut [T]> for [T; N]`][tryfrom_ref_arr]
- [`UnwindSafe for Once`][unwindsafe_once]
- [`RefUnwindSafe for Once`][refunwindsafe_once]
- [armv8 neon intrinsics for aarch64][stdarch/1266]
Const-stable:
- [`mem::MaybeUninit::as_ptr`][muninit_ptr]
- [`mem::MaybeUninit::assume_init`][muninit_init]
- [`mem::MaybeUninit::assume_init_ref`][muninit_init_ref]
- [`ffi::CStr::from_bytes_with_nul_unchecked`][cstr_from_bytes]
Cargo
-----
- [Stabilize the `strip` profile option][cargo/10088]
- [Stabilize future-incompat-report][cargo/10165]
- [Support abbreviating `--release` as `-r`][cargo/10133]
- [Support `term.quiet` configuration][cargo/10152]
- [Remove `--host` from cargo {publish,search,login}][cargo/10145]
Compatibility Notes
-------------------
- [Refactor weak symbols in std::sys::unix][90846]
This may add new, versioned, symbols when building with a newer glibc, as the
standard library uses weak linkage rather than dynamically attempting to load
certain symbols at runtime.
- [Deprecate crate_type and crate_name nested inside `#![cfg_attr]`][83744]
This adds a future compatibility lint to supporting the use of cfg_attr
wrapping either crate_type or crate_name specification within Rust files;
it is recommended that users migrate to setting the equivalent command line
flags.
- [Remove effect of `#[no_link]` attribute on name resolution][92034]
This may expose new names, leading to conflicts with preexisting names in a
given namespace and a compilation failure.
- [Cargo will document libraries before binaries.][cargo/10172]
- [Respect doc=false in dependencies, not just the root crate][cargo/10201]
- [Weaken guarantee around advancing underlying iterators in zip][83791]
- [Make split_inclusive() on an empty slice yield an empty output][89825]
- [Update std::env::temp_dir to use GetTempPath2 on Windows when available.][89999]
Changes in rust wrapper package:
- Update to version 1.59.0 - for details see the rust1.59 package
- Update package description to help users choose what tooling
to install.
- Provide rust+cargo by cargo: all cargo<n> package provide this
symbol too. Having the meta package provide it allows OBS to have
a generic prefernece on the meta package for all packages 'just'
requiring rust+cargo.
- Update to version 1.58.0
Patchnames
openSUSE-SLE-15.3-2022-843,openSUSE-SLE-15.4-2022-843
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for rust, rust1.58, rust1.59",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for rust, rust1.58, rust1.59 fixes the following issues:\n\nThis update provides both rust1.58 and rust1.59.\n\nChanges in rust1.58:\n\n- Add recommends for GCC for installs to be able to link.\n- Add suggests for lld/clang which are faster than gcc for linking to\n allow users choice on what they use.\n- CVE-2022-21658: Resolve race condition in std::fs::remove_dir_all (bsc#1194767)\n\nVersion 1.58.0 (2022-01-13)\n==========================\n\nLanguage\n--------\n- [Format strings can now capture arguments simply by writing `{ident}` in the string.][90473] This works in all macros accepting format strings. Support for this in `panic!` (`panic!(\u0027{ident}\u0027)`) requires the 2021 edition; panic invocations in previous editions that appear to be trying to use this will result in a warning lint about not having the intended effect.\n- [`*const T` pointers can now be dereferenced in const contexts.][89551]\n- [The rules for when a generic struct implements `Unsize` have been relaxed.][90417]\nCompiler\n--------\n- [Add LLVM CFI support to the Rust compiler][89652]\n- [Stabilize -Z strip as -C strip][90058]. Note that while release builds already don\u0027t add debug symbols for the code you compile, the compiled standard library that ships with Rust includes debug symbols, so you may want to use the `strip` option to remove these symbols to produce smaller release binaries. Note that this release only includes support in rustc, not directly in cargo.\n- [Add support for LLVM coverage mapping format versions 5 and 6][91207]\n- [Emit LLVM optimization remarks when enabled with `-Cremark`][90833]\n- [Update the minimum external LLVM to 12][90175]\n- [Add `x86_64-unknown-none` at Tier 3*][89062]\n- [Build musl dist artifacts with debuginfo enabled][90733]. When building release binaries using musl, you may want to use the newly stabilized strip option to remove these debug symbols, reducing the size of your binaries.\n- [Don\u0027t abort compilation after giving a lint error][87337]\n- [Error messages point at the source of trait bound obligations in more places][89580]\n\\* Refer to Rust\u0027s [platform support page][platform-support-doc] for more\n information on Rust\u0027s tiered platform support.\n\nLibraries\n---------\n\n- [All remaining functions in the standard library have `#[must_use]` annotations where appropriate][89692], producing a warning when ignoring their return value. This helps catch mistakes such as expecting a function to mutate a value in place rather than return a new value.\n- [Paths are automatically canonicalized on Windows for operations that support it][89174]\n- [Re-enable debug checks for `copy` and `copy_nonoverlapping`][90041]\n- [Implement `RefUnwindSafe` for `Rc\u003cT\u003e`][87467]\n- [Make RSplit\u003cT, P\u003e: Clone not require T: Clone][90117]\n- [Implement `Termination` for `Result\u003cInfallible, E\u003e`][88601]. This allows writing `fn main() -\u003e Result\u003cInfallible, ErrorType\u003e`, for a program whose successful exits never involve returning from `main` (for instance, a program that calls `exit`, or that uses `exec` to run another program).\n\nStabilized APIs\n---------------\n\n- [`Metadata::is_symlink`]\n- [`Path::is_symlink`]\n- [`{integer}::saturating_div`]\n- [`Option::unwrap_unchecked`]\n- [`Result::unwrap_unchecked`]\n- [`Result::unwrap_err_unchecked`]\n- [`NonZero{unsigned}::is_power_of_two`]\n- [`File::options`]\nThese APIs are now usable in const contexts:\n- [`Duration::new`]\n- [`Duration::checked_add`]\n- [`Duration::saturating_add`]\n- [`Duration::checked_sub`]\n- [`Duration::saturating_sub`]\n- [`Duration::checked_mul`]\n- [`Duration::saturating_mul`]\n- [`Duration::checked_div`]\n- [`MaybeUninit::as_ptr`]\n- [`MaybeUninit::as_mut_ptr`]\n- [`MaybeUninit::assume_init`]\n- [`MaybeUninit::assume_init_ref`]\n\nCargo\n-----\n\n- [Add --message-format for install command][cargo/10107]\n- [Warn when alias shadows external subcommand][cargo/10082]\n\nRustdoc\n-------\n\n- [Show all Deref implementations recursively in rustdoc][90183]\n- [Use computed visibility in rustdoc][88447]\n\nCompatibility Notes\n-------------------\n\n- [Try all stable method candidates first before trying unstable ones][90329]. This change ensures that adding new nightly-only methods to the Rust standard library will not break code invoking methods of the same name from traits outside the standard library.\n- Windows: [`std::process::Command` will no longer search the current directory for executables.][87704]\n- [All proc-macro backward-compatibility lints are now deny-by-default.][88041]\n- [proc_macro: Append .0 to unsuffixed float if it would otherwise become int token][90297]\n- [Refactor weak symbols in std::sys::unix][90846]. This optimizes accesses to glibc functions, by avoiding the use of dlopen. This does not increase the [minimum expected version of glibc](https://doc.rust-lang.org/nightly/rustc/platform-support.html). However, software distributions that use symbol versions to detect library dependencies, and which take weak symbols into account in that analysis, may detect rust binaries as requiring newer versions of glibc.\n- [rustdoc now rejects some unexpected semicolons in doctests][91026]\n\nVersion 1.59.0 (2022-02-24)\n==========================\n\nLanguage\n--------\n\n- [Stabilize default arguments for const generics][90207]\n- [Stabilize destructuring assignment][90521]\n- [Relax private in public lint on generic bounds and where clauses of trait impls][90586]\n- [Stabilize asm! and global_asm! for x86, x86_64, ARM, Aarch64, and RISC-V][91728]\n\nCompiler\n--------\n\n- [Stabilize new symbol mangling format, leaving it opt-in (-Csymbol-mangling-version=v0)][90128]\n- [Emit LLVM optimization remarks when enabled with `-Cremark`][90833]\n- [Fix sparc64 ABI for aggregates with floating point members][91003]\n- [Warn when a `#[test]`-like built-in attribute macro is present multiple times.][91172]\n- [Add support for riscv64gc-unknown-freebsd][91284]\n- [Stabilize `-Z emit-future-incompat` as `--json future-incompat`][91535]\n\nLibraries\n---------\n\n- [Remove unnecessary bounds for some Hash{Map,Set} methods][91593]\n\nStabilized APIs\n---------------\n\n- [`std::thread::available_parallelism`][available_parallelism]\n- [`Result::copied`][result-copied]\n- [`Result::cloned`][result-cloned]\n- [`arch::asm!`][asm]\n- [`arch::global_asm!`][global_asm]\n- [`ops::ControlFlow::is_break`][is_break]\n- [`ops::ControlFlow::is_continue`][is_continue]\n- [`TryFrom\u003cchar\u003e for u8`][try_from_char_u8]\n- [`char::TryFromCharError`][try_from_char_err]\n implementing `Clone`, `Debug`, `Display`, `PartialEq`, `Copy`, `Eq`, `Error`\n- [`iter::zip`][zip]\n- [`NonZeroU8::is_power_of_two`][is_power_of_two8]\n- [`NonZeroU16::is_power_of_two`][is_power_of_two16]\n- [`NonZeroU32::is_power_of_two`][is_power_of_two32]\n- [`NonZeroU64::is_power_of_two`][is_power_of_two64]\n- [`NonZeroU128::is_power_of_two`][is_power_of_two128]\n- [`DoubleEndedIterator for ToLowercase`][lowercase]\n- [`DoubleEndedIterator for ToUppercase`][uppercase]\n- [`TryFrom\u003c\u0026mut [T]\u003e for [T; N]`][tryfrom_ref_arr]\n- [`UnwindSafe for Once`][unwindsafe_once]\n- [`RefUnwindSafe for Once`][refunwindsafe_once]\n- [armv8 neon intrinsics for aarch64][stdarch/1266]\nConst-stable:\n- [`mem::MaybeUninit::as_ptr`][muninit_ptr]\n- [`mem::MaybeUninit::assume_init`][muninit_init]\n- [`mem::MaybeUninit::assume_init_ref`][muninit_init_ref]\n- [`ffi::CStr::from_bytes_with_nul_unchecked`][cstr_from_bytes]\n\nCargo\n-----\n\n- [Stabilize the `strip` profile option][cargo/10088]\n- [Stabilize future-incompat-report][cargo/10165]\n- [Support abbreviating `--release` as `-r`][cargo/10133]\n- [Support `term.quiet` configuration][cargo/10152]\n- [Remove `--host` from cargo {publish,search,login}][cargo/10145]\n\nCompatibility Notes\n-------------------\n\n- [Refactor weak symbols in std::sys::unix][90846]\n This may add new, versioned, symbols when building with a newer glibc, as the\n standard library uses weak linkage rather than dynamically attempting to load\n certain symbols at runtime.\n- [Deprecate crate_type and crate_name nested inside `#![cfg_attr]`][83744]\n This adds a future compatibility lint to supporting the use of cfg_attr\n wrapping either crate_type or crate_name specification within Rust files;\n it is recommended that users migrate to setting the equivalent command line\n flags.\n- [Remove effect of `#[no_link]` attribute on name resolution][92034]\n This may expose new names, leading to conflicts with preexisting names in a\n given namespace and a compilation failure.\n- [Cargo will document libraries before binaries.][cargo/10172]\n- [Respect doc=false in dependencies, not just the root crate][cargo/10201]\n- [Weaken guarantee around advancing underlying iterators in zip][83791]\n- [Make split_inclusive() on an empty slice yield an empty output][89825]\n- [Update std::env::temp_dir to use GetTempPath2 on Windows when available.][89999]\n\nChanges in rust wrapper package:\n\n- Update to version 1.59.0 - for details see the rust1.59 package\n\n- Update package description to help users choose what tooling\n to install.\n\n- Provide rust+cargo by cargo: all cargo\u003cn\u003e package provide this\n symbol too. Having the meta package provide it allows OBS to have\n a generic prefernece on the meta package for all packages \u0027just\u0027\n requiring rust+cargo.\n\n- Update to version 1.58.0\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-SLE-15.3-2022-843,openSUSE-SLE-15.4-2022-843",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2022_0843-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2022:0843-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZODX3XK3LNWUDIGOVAOXXYOTCRZZ4CMJ/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2022:0843-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/ZODX3XK3LNWUDIGOVAOXXYOTCRZZ4CMJ/"
},
{
"category": "self",
"summary": "SUSE Bug 1194767",
"url": "https://bugzilla.suse.com/1194767"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21658 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21658/"
}
],
"title": "Security update for rust, rust1.58, rust1.59",
"tracking": {
"current_release_date": "2022-03-15T10:33:50Z",
"generator": {
"date": "2022-03-15T10:33:50Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2022:0843-1",
"initial_release_date": "2022-03-15T10:33:50Z",
"revision_history": [
{
"date": "2022-03-15T10:33:50Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cargo-1.59.0-150300.21.20.1.aarch64",
"product": {
"name": "cargo-1.59.0-150300.21.20.1.aarch64",
"product_id": "cargo-1.59.0-150300.21.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "cargo1.58-1.58.0-150300.7.3.1.aarch64",
"product": {
"name": "cargo1.58-1.58.0-150300.7.3.1.aarch64",
"product_id": "cargo1.58-1.58.0-150300.7.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "cargo1.59-1.59.0-150300.7.4.2.aarch64",
"product": {
"name": "cargo1.59-1.59.0-150300.7.4.2.aarch64",
"product_id": "cargo1.59-1.59.0-150300.7.4.2.aarch64"
}
},
{
"category": "product_version",
"name": "rust-1.59.0-150300.21.20.1.aarch64",
"product": {
"name": "rust-1.59.0-150300.21.20.1.aarch64",
"product_id": "rust-1.59.0-150300.21.20.1.aarch64"
}
},
{
"category": "product_version",
"name": "rust1.58-1.58.0-150300.7.3.1.aarch64",
"product": {
"name": "rust1.58-1.58.0-150300.7.3.1.aarch64",
"product_id": "rust1.58-1.58.0-150300.7.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "rust1.59-1.59.0-150300.7.4.2.aarch64",
"product": {
"name": "rust1.59-1.59.0-150300.7.4.2.aarch64",
"product_id": "rust1.59-1.59.0-150300.7.4.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "cargo-1.59.0-150300.21.20.1.ppc64le",
"product": {
"name": "cargo-1.59.0-150300.21.20.1.ppc64le",
"product_id": "cargo-1.59.0-150300.21.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cargo1.58-1.58.0-150300.7.3.1.ppc64le",
"product": {
"name": "cargo1.58-1.58.0-150300.7.3.1.ppc64le",
"product_id": "cargo1.58-1.58.0-150300.7.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "cargo1.59-1.59.0-150300.7.4.2.ppc64le",
"product": {
"name": "cargo1.59-1.59.0-150300.7.4.2.ppc64le",
"product_id": "cargo1.59-1.59.0-150300.7.4.2.ppc64le"
}
},
{
"category": "product_version",
"name": "rust-1.59.0-150300.21.20.1.ppc64le",
"product": {
"name": "rust-1.59.0-150300.21.20.1.ppc64le",
"product_id": "rust-1.59.0-150300.21.20.1.ppc64le"
}
},
{
"category": "product_version",
"name": "rust1.58-1.58.0-150300.7.3.1.ppc64le",
"product": {
"name": "rust1.58-1.58.0-150300.7.3.1.ppc64le",
"product_id": "rust1.58-1.58.0-150300.7.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "rust1.59-1.59.0-150300.7.4.2.ppc64le",
"product": {
"name": "rust1.59-1.59.0-150300.7.4.2.ppc64le",
"product_id": "rust1.59-1.59.0-150300.7.4.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cargo-1.59.0-150300.21.20.1.s390x",
"product": {
"name": "cargo-1.59.0-150300.21.20.1.s390x",
"product_id": "cargo-1.59.0-150300.21.20.1.s390x"
}
},
{
"category": "product_version",
"name": "cargo1.58-1.58.0-150300.7.3.1.s390x",
"product": {
"name": "cargo1.58-1.58.0-150300.7.3.1.s390x",
"product_id": "cargo1.58-1.58.0-150300.7.3.1.s390x"
}
},
{
"category": "product_version",
"name": "cargo1.59-1.59.0-150300.7.4.2.s390x",
"product": {
"name": "cargo1.59-1.59.0-150300.7.4.2.s390x",
"product_id": "cargo1.59-1.59.0-150300.7.4.2.s390x"
}
},
{
"category": "product_version",
"name": "rust-1.59.0-150300.21.20.1.s390x",
"product": {
"name": "rust-1.59.0-150300.21.20.1.s390x",
"product_id": "rust-1.59.0-150300.21.20.1.s390x"
}
},
{
"category": "product_version",
"name": "rust1.58-1.58.0-150300.7.3.1.s390x",
"product": {
"name": "rust1.58-1.58.0-150300.7.3.1.s390x",
"product_id": "rust1.58-1.58.0-150300.7.3.1.s390x"
}
},
{
"category": "product_version",
"name": "rust1.59-1.59.0-150300.7.4.2.s390x",
"product": {
"name": "rust1.59-1.59.0-150300.7.4.2.s390x",
"product_id": "rust1.59-1.59.0-150300.7.4.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "cargo-1.59.0-150300.21.20.1.x86_64",
"product": {
"name": "cargo-1.59.0-150300.21.20.1.x86_64",
"product_id": "cargo-1.59.0-150300.21.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "cargo1.58-1.58.0-150300.7.3.1.x86_64",
"product": {
"name": "cargo1.58-1.58.0-150300.7.3.1.x86_64",
"product_id": "cargo1.58-1.58.0-150300.7.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "cargo1.59-1.59.0-150300.7.4.2.x86_64",
"product": {
"name": "cargo1.59-1.59.0-150300.7.4.2.x86_64",
"product_id": "cargo1.59-1.59.0-150300.7.4.2.x86_64"
}
},
{
"category": "product_version",
"name": "rust-1.59.0-150300.21.20.1.x86_64",
"product": {
"name": "rust-1.59.0-150300.21.20.1.x86_64",
"product_id": "rust-1.59.0-150300.21.20.1.x86_64"
}
},
{
"category": "product_version",
"name": "rust1.58-1.58.0-150300.7.3.1.x86_64",
"product": {
"name": "rust1.58-1.58.0-150300.7.3.1.x86_64",
"product_id": "rust1.58-1.58.0-150300.7.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "rust1.59-1.59.0-150300.7.4.2.x86_64",
"product": {
"name": "rust1.59-1.59.0-150300.7.4.2.x86_64",
"product_id": "rust1.59-1.59.0-150300.7.4.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cargo-1.59.0-150300.21.20.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cargo-1.59.0-150300.21.20.1.aarch64"
},
"product_reference": "cargo-1.59.0-150300.21.20.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cargo-1.59.0-150300.21.20.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cargo-1.59.0-150300.21.20.1.ppc64le"
},
"product_reference": "cargo-1.59.0-150300.21.20.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cargo-1.59.0-150300.21.20.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cargo-1.59.0-150300.21.20.1.s390x"
},
"product_reference": "cargo-1.59.0-150300.21.20.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cargo-1.59.0-150300.21.20.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cargo-1.59.0-150300.21.20.1.x86_64"
},
"product_reference": "cargo-1.59.0-150300.21.20.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cargo1.58-1.58.0-150300.7.3.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cargo1.58-1.58.0-150300.7.3.1.aarch64"
},
"product_reference": "cargo1.58-1.58.0-150300.7.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cargo1.58-1.58.0-150300.7.3.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cargo1.58-1.58.0-150300.7.3.1.ppc64le"
},
"product_reference": "cargo1.58-1.58.0-150300.7.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cargo1.58-1.58.0-150300.7.3.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cargo1.58-1.58.0-150300.7.3.1.s390x"
},
"product_reference": "cargo1.58-1.58.0-150300.7.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cargo1.58-1.58.0-150300.7.3.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cargo1.58-1.58.0-150300.7.3.1.x86_64"
},
"product_reference": "cargo1.58-1.58.0-150300.7.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cargo1.59-1.59.0-150300.7.4.2.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cargo1.59-1.59.0-150300.7.4.2.aarch64"
},
"product_reference": "cargo1.59-1.59.0-150300.7.4.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cargo1.59-1.59.0-150300.7.4.2.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cargo1.59-1.59.0-150300.7.4.2.ppc64le"
},
"product_reference": "cargo1.59-1.59.0-150300.7.4.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cargo1.59-1.59.0-150300.7.4.2.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cargo1.59-1.59.0-150300.7.4.2.s390x"
},
"product_reference": "cargo1.59-1.59.0-150300.7.4.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cargo1.59-1.59.0-150300.7.4.2.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:cargo1.59-1.59.0-150300.7.4.2.x86_64"
},
"product_reference": "cargo1.59-1.59.0-150300.7.4.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rust-1.59.0-150300.21.20.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:rust-1.59.0-150300.21.20.1.aarch64"
},
"product_reference": "rust-1.59.0-150300.21.20.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rust-1.59.0-150300.21.20.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:rust-1.59.0-150300.21.20.1.ppc64le"
},
"product_reference": "rust-1.59.0-150300.21.20.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rust-1.59.0-150300.21.20.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:rust-1.59.0-150300.21.20.1.s390x"
},
"product_reference": "rust-1.59.0-150300.21.20.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rust-1.59.0-150300.21.20.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:rust-1.59.0-150300.21.20.1.x86_64"
},
"product_reference": "rust-1.59.0-150300.21.20.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rust1.58-1.58.0-150300.7.3.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:rust1.58-1.58.0-150300.7.3.1.aarch64"
},
"product_reference": "rust1.58-1.58.0-150300.7.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rust1.58-1.58.0-150300.7.3.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:rust1.58-1.58.0-150300.7.3.1.ppc64le"
},
"product_reference": "rust1.58-1.58.0-150300.7.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rust1.58-1.58.0-150300.7.3.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:rust1.58-1.58.0-150300.7.3.1.s390x"
},
"product_reference": "rust1.58-1.58.0-150300.7.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rust1.58-1.58.0-150300.7.3.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:rust1.58-1.58.0-150300.7.3.1.x86_64"
},
"product_reference": "rust1.58-1.58.0-150300.7.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rust1.59-1.59.0-150300.7.4.2.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:rust1.59-1.59.0-150300.7.4.2.aarch64"
},
"product_reference": "rust1.59-1.59.0-150300.7.4.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rust1.59-1.59.0-150300.7.4.2.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:rust1.59-1.59.0-150300.7.4.2.ppc64le"
},
"product_reference": "rust1.59-1.59.0-150300.7.4.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rust1.59-1.59.0-150300.7.4.2.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:rust1.59-1.59.0-150300.7.4.2.s390x"
},
"product_reference": "rust1.59-1.59.0-150300.7.4.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rust1.59-1.59.0-150300.7.4.2.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:rust1.59-1.59.0-150300.7.4.2.x86_64"
},
"product_reference": "rust1.59-1.59.0-150300.7.4.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-21658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21658"
}
],
"notes": [
{
"category": "general",
"text": "Rust is a multi-paradigm, general-purpose programming language designed for performance and safety, especially safe concurrency. The Rust Security Response WG was notified that the `std::fs::remove_dir_all` standard library function is vulnerable a race condition enabling symlink following (CWE-363). An attacker could use this security issue to trick a privileged program into deleting files and directories the attacker couldn\u0027t otherwise access or delete. Rust 1.0.0 through Rust 1.58.0 is affected by this vulnerability with 1.58.1 containing a patch. Note that the following build targets don\u0027t have usable APIs to properly mitigate the attack, and are thus still vulnerable even with a patched toolchain: macOS before version 10.10 (Yosemite) and REDOX. We recommend everyone to update to Rust 1.58.1 as soon as possible, especially people developing programs expected to run in privileged contexts (including system daemons and setuid binaries), as those have the highest risk of being affected by this. Note that adding checks in your codebase before calling remove_dir_all will not mitigate the vulnerability, as they would also be vulnerable to race conditions like remove_dir_all itself. The existing mitigation is working as intended outside of race conditions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:cargo-1.59.0-150300.21.20.1.aarch64",
"openSUSE Leap 15.3:cargo-1.59.0-150300.21.20.1.ppc64le",
"openSUSE Leap 15.3:cargo-1.59.0-150300.21.20.1.s390x",
"openSUSE Leap 15.3:cargo-1.59.0-150300.21.20.1.x86_64",
"openSUSE Leap 15.3:cargo1.58-1.58.0-150300.7.3.1.aarch64",
"openSUSE Leap 15.3:cargo1.58-1.58.0-150300.7.3.1.ppc64le",
"openSUSE Leap 15.3:cargo1.58-1.58.0-150300.7.3.1.s390x",
"openSUSE Leap 15.3:cargo1.58-1.58.0-150300.7.3.1.x86_64",
"openSUSE Leap 15.3:cargo1.59-1.59.0-150300.7.4.2.aarch64",
"openSUSE Leap 15.3:cargo1.59-1.59.0-150300.7.4.2.ppc64le",
"openSUSE Leap 15.3:cargo1.59-1.59.0-150300.7.4.2.s390x",
"openSUSE Leap 15.3:cargo1.59-1.59.0-150300.7.4.2.x86_64",
"openSUSE Leap 15.3:rust-1.59.0-150300.21.20.1.aarch64",
"openSUSE Leap 15.3:rust-1.59.0-150300.21.20.1.ppc64le",
"openSUSE Leap 15.3:rust-1.59.0-150300.21.20.1.s390x",
"openSUSE Leap 15.3:rust-1.59.0-150300.21.20.1.x86_64",
"openSUSE Leap 15.3:rust1.58-1.58.0-150300.7.3.1.aarch64",
"openSUSE Leap 15.3:rust1.58-1.58.0-150300.7.3.1.ppc64le",
"openSUSE Leap 15.3:rust1.58-1.58.0-150300.7.3.1.s390x",
"openSUSE Leap 15.3:rust1.58-1.58.0-150300.7.3.1.x86_64",
"openSUSE Leap 15.3:rust1.59-1.59.0-150300.7.4.2.aarch64",
"openSUSE Leap 15.3:rust1.59-1.59.0-150300.7.4.2.ppc64le",
"openSUSE Leap 15.3:rust1.59-1.59.0-150300.7.4.2.s390x",
"openSUSE Leap 15.3:rust1.59-1.59.0-150300.7.4.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21658",
"url": "https://www.suse.com/security/cve/CVE-2022-21658"
},
{
"category": "external",
"summary": "SUSE Bug 1194767 for CVE-2022-21658",
"url": "https://bugzilla.suse.com/1194767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:cargo-1.59.0-150300.21.20.1.aarch64",
"openSUSE Leap 15.3:cargo-1.59.0-150300.21.20.1.ppc64le",
"openSUSE Leap 15.3:cargo-1.59.0-150300.21.20.1.s390x",
"openSUSE Leap 15.3:cargo-1.59.0-150300.21.20.1.x86_64",
"openSUSE Leap 15.3:cargo1.58-1.58.0-150300.7.3.1.aarch64",
"openSUSE Leap 15.3:cargo1.58-1.58.0-150300.7.3.1.ppc64le",
"openSUSE Leap 15.3:cargo1.58-1.58.0-150300.7.3.1.s390x",
"openSUSE Leap 15.3:cargo1.58-1.58.0-150300.7.3.1.x86_64",
"openSUSE Leap 15.3:cargo1.59-1.59.0-150300.7.4.2.aarch64",
"openSUSE Leap 15.3:cargo1.59-1.59.0-150300.7.4.2.ppc64le",
"openSUSE Leap 15.3:cargo1.59-1.59.0-150300.7.4.2.s390x",
"openSUSE Leap 15.3:cargo1.59-1.59.0-150300.7.4.2.x86_64",
"openSUSE Leap 15.3:rust-1.59.0-150300.21.20.1.aarch64",
"openSUSE Leap 15.3:rust-1.59.0-150300.21.20.1.ppc64le",
"openSUSE Leap 15.3:rust-1.59.0-150300.21.20.1.s390x",
"openSUSE Leap 15.3:rust-1.59.0-150300.21.20.1.x86_64",
"openSUSE Leap 15.3:rust1.58-1.58.0-150300.7.3.1.aarch64",
"openSUSE Leap 15.3:rust1.58-1.58.0-150300.7.3.1.ppc64le",
"openSUSE Leap 15.3:rust1.58-1.58.0-150300.7.3.1.s390x",
"openSUSE Leap 15.3:rust1.58-1.58.0-150300.7.3.1.x86_64",
"openSUSE Leap 15.3:rust1.59-1.59.0-150300.7.4.2.aarch64",
"openSUSE Leap 15.3:rust1.59-1.59.0-150300.7.4.2.ppc64le",
"openSUSE Leap 15.3:rust1.59-1.59.0-150300.7.4.2.s390x",
"openSUSE Leap 15.3:rust1.59-1.59.0-150300.7.4.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:cargo-1.59.0-150300.21.20.1.aarch64",
"openSUSE Leap 15.3:cargo-1.59.0-150300.21.20.1.ppc64le",
"openSUSE Leap 15.3:cargo-1.59.0-150300.21.20.1.s390x",
"openSUSE Leap 15.3:cargo-1.59.0-150300.21.20.1.x86_64",
"openSUSE Leap 15.3:cargo1.58-1.58.0-150300.7.3.1.aarch64",
"openSUSE Leap 15.3:cargo1.58-1.58.0-150300.7.3.1.ppc64le",
"openSUSE Leap 15.3:cargo1.58-1.58.0-150300.7.3.1.s390x",
"openSUSE Leap 15.3:cargo1.58-1.58.0-150300.7.3.1.x86_64",
"openSUSE Leap 15.3:cargo1.59-1.59.0-150300.7.4.2.aarch64",
"openSUSE Leap 15.3:cargo1.59-1.59.0-150300.7.4.2.ppc64le",
"openSUSE Leap 15.3:cargo1.59-1.59.0-150300.7.4.2.s390x",
"openSUSE Leap 15.3:cargo1.59-1.59.0-150300.7.4.2.x86_64",
"openSUSE Leap 15.3:rust-1.59.0-150300.21.20.1.aarch64",
"openSUSE Leap 15.3:rust-1.59.0-150300.21.20.1.ppc64le",
"openSUSE Leap 15.3:rust-1.59.0-150300.21.20.1.s390x",
"openSUSE Leap 15.3:rust-1.59.0-150300.21.20.1.x86_64",
"openSUSE Leap 15.3:rust1.58-1.58.0-150300.7.3.1.aarch64",
"openSUSE Leap 15.3:rust1.58-1.58.0-150300.7.3.1.ppc64le",
"openSUSE Leap 15.3:rust1.58-1.58.0-150300.7.3.1.s390x",
"openSUSE Leap 15.3:rust1.58-1.58.0-150300.7.3.1.x86_64",
"openSUSE Leap 15.3:rust1.59-1.59.0-150300.7.4.2.aarch64",
"openSUSE Leap 15.3:rust1.59-1.59.0-150300.7.4.2.ppc64le",
"openSUSE Leap 15.3:rust1.59-1.59.0-150300.7.4.2.s390x",
"openSUSE Leap 15.3:rust1.59-1.59.0-150300.7.4.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-15T10:33:50Z",
"details": "moderate"
}
],
"title": "CVE-2022-21658"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…