UBUNTU-CVE-2026-0810

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2026-0810

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-0810.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2026-0810

Upstream

CVE-2026-0810

Published

2026-01-26T20:16:00Z

Modified

2026-04-27T18:54:55.383296Z

Severity

7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H CVSS Calculator
7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H CVSS Calculator
Ubuntu - medium

Summary

[none]

Details

A flaw was found in gix-date. The gix_date::parse::TimeBuf::as_str function can generate strings containing invalid non-UTF8 characters. This issue violates the internal safety invariants of the TimeBuf component, leading to undefined behavior when these malformed strings are subsequently processed. This could potentially result in application instability or other unforeseen consequences.

References

Affected packages

Ubuntu:24.04:LTS / rust-gix-date

Package

Name: rust-gix-date
Purl: pkg:deb/ubuntu/rust-gix-date@0.8.0-1?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.8.0-1

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "0.8.0-1",
            "binary_name": "librust-gix-date-dev"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-0810.json"

Ubuntu:25.10 / rust-gix-date

Package

Name: rust-gix-date
Purl: pkg:deb/ubuntu/rust-gix-date@0.9.3-1?arch=source&distro=questing

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.9.3-1

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "0.9.3-1",
            "binary_name": "librust-gix-date-dev"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-0810.json"

Ubuntu:26.04 / rust-gix-date

Package

Name: rust-gix-date
Purl: pkg:deb/ubuntu/rust-gix-date@0.10.7-1?arch=source&distro=resolute

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.9.3-1

0.9.3-2

0.10.7-1

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "0.10.7-1",
            "binary_name": "librust-gix-date-dev"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-0810.json"