USN-8168-1

Source
https://ubuntu.com/security/notices/USN-8168-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-8168-1
Upstream
Related
Published
2026-04-13T12:35:50Z
Modified
2026-04-27T18:47:51.804969Z
Summary
rustc vulnerability
Details

It was discovered that tar-rs embedded in rustc incorrectly handled symlinks when unpacking a tar archive. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could use this issue to modify permissions of arbitrary directories outside the extraction root, and possibly escalate privileges.

References

Affected packages

Ubuntu:22.04:LTS
rustc

Package

Name
rustc
Purl
pkg:deb/ubuntu/rustc@1.75.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.75.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1

Affected versions

1.*
1.51.0+dfsg1+llvm-1~exp3ubuntu1
1.53.0+dfsg1+llvm-4ubuntu1
1.54.0+dfsg2+llvm-3ubuntu1
1.56.0+dfsg1+llvm-2ubuntu1
1.56.0+dfsg1+llvm-2ubuntu2
1.57.0+dfsg1+llvm-0ubuntu1
1.57.0+dfsg1+llvm-0ubuntu2
1.58.1+dfsg1~ubuntu1-0ubuntu1
1.58.1+dfsg1~ubuntu1-0ubuntu2
1.59.0+dfsg1-1~ubuntu2~22.04.1
1.61.0+dfsg1-1~exp1ubuntu0.22.04.1
1.65.0+dfsg0ubuntu1-0ubuntu0.22.04.1
1.66.1+dfsg0ubuntu1-0ubuntu0.22.04.1
1.70.0+dfsg0ubuntu1~bpo2-0ubuntu0.22.04.1
1.70.0+dfsg0ubuntu1~bpo2-0ubuntu0.22.04.2
1.71.1+dfsg0ubuntu3~bpo0-0ubuntu0.22.04
1.72.1+dfsg0ubuntu1~bpo0-0ubuntu0.22.04
1.73.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04
1.74.1+dfsg0ubuntu1~bpo0-0ubuntu0.22.04
1.75.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo",
            "binary_version": "1.75.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "libstd-rust-1.75",
            "binary_version": "1.75.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-all",
            "binary_version": "1.75.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-clippy",
            "binary_version": "1.75.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-gdb",
            "binary_version": "1.75.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-lldb",
            "binary_version": "1.75.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-src",
            "binary_version": "1.75.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rustc",
            "binary_version": "1.75.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rustfmt",
            "binary_version": "1.75.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:22.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.62

Package

Name
rustc-1.62
Purl
pkg:deb/ubuntu/rustc-1.62@1.62.1+dfsg1-1ubuntu0.22.04.3?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.62.1+dfsg1-1ubuntu0.22.04.3

Affected versions

1.*
1.62.1+dfsg1-1ubuntu0.22.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "libstd-rust-1.62",
            "binary_version": "1.62.1+dfsg1-1ubuntu0.22.04.3"
        },
        {
            "binary_name": "rust-1.62-all",
            "binary_version": "1.62.1+dfsg1-1ubuntu0.22.04.3"
        },
        {
            "binary_name": "rust-1.62-clippy",
            "binary_version": "1.62.1+dfsg1-1ubuntu0.22.04.3"
        },
        {
            "binary_name": "rust-1.62-gdb",
            "binary_version": "1.62.1+dfsg1-1ubuntu0.22.04.3"
        },
        {
            "binary_name": "rust-1.62-lldb",
            "binary_version": "1.62.1+dfsg1-1ubuntu0.22.04.3"
        },
        {
            "binary_name": "rust-1.62-src",
            "binary_version": "1.62.1+dfsg1-1ubuntu0.22.04.3"
        },
        {
            "binary_name": "rustc-1.62",
            "binary_version": "1.62.1+dfsg1-1ubuntu0.22.04.3"
        },
        {
            "binary_name": "rustfmt-1.62",
            "binary_version": "1.62.1+dfsg1-1ubuntu0.22.04.3"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:22.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.76

Package

Name
rustc-1.76
Purl
pkg:deb/ubuntu/rustc-1.76@1.76.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.76.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1

Affected versions

1.*
1.76.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.76",
            "binary_version": "1.76.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "libstd-rust-1.76",
            "binary_version": "1.76.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.76-all",
            "binary_version": "1.76.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.76-clippy",
            "binary_version": "1.76.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.76-gdb",
            "binary_version": "1.76.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.76-lldb",
            "binary_version": "1.76.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.76-src",
            "binary_version": "1.76.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rustc-1.76",
            "binary_version": "1.76.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rustfmt-1.76",
            "binary_version": "1.76.0+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:22.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.77

Package

Name
rustc-1.77
Purl
pkg:deb/ubuntu/rustc-1.77@1.77.2+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.77.2+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1

Affected versions

1.*
1.77.2+dfsg1ubuntu1~bpo0-0ubuntu0.22.04

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.77",
            "binary_version": "1.77.2+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "libstd-rust-1.77",
            "binary_version": "1.77.2+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.77-all",
            "binary_version": "1.77.2+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.77-clippy",
            "binary_version": "1.77.2+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.77-gdb",
            "binary_version": "1.77.2+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.77-lldb",
            "binary_version": "1.77.2+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.77-src",
            "binary_version": "1.77.2+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rustc-1.77",
            "binary_version": "1.77.2+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rustfmt-1.77",
            "binary_version": "1.77.2+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:22.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.78

Package

Name
rustc-1.78
Purl
pkg:deb/ubuntu/rustc-1.78@1.78.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.78.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1

Affected versions

1.*
1.78.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.78",
            "binary_version": "1.78.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "libstd-rust-1.78",
            "binary_version": "1.78.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.78-all",
            "binary_version": "1.78.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.78-clippy",
            "binary_version": "1.78.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.78-gdb",
            "binary_version": "1.78.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.78-lldb",
            "binary_version": "1.78.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.78-src",
            "binary_version": "1.78.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rustc-1.78",
            "binary_version": "1.78.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rustfmt-1.78",
            "binary_version": "1.78.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:22.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.79

Package

Name
rustc-1.79
Purl
pkg:deb/ubuntu/rustc-1.79@1.79.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.79.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1

Affected versions

1.*
1.79.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.79",
            "binary_version": "1.79.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "libstd-rust-1.79",
            "binary_version": "1.79.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.79-all",
            "binary_version": "1.79.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.79-clippy",
            "binary_version": "1.79.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.79-gdb",
            "binary_version": "1.79.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.79-lldb",
            "binary_version": "1.79.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.79-src",
            "binary_version": "1.79.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rustc-1.79",
            "binary_version": "1.79.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rustfmt-1.79",
            "binary_version": "1.79.0+dfsg1ubuntu1~bpo0-0ubuntu0.22.04.1"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:22.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.80

Package

Name
rustc-1.80
Purl
pkg:deb/ubuntu/rustc-1.80@1.80.1+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.80.1+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1

Affected versions

1.*
1.80.1+dfsg0ubuntu1~bpo0-0ubuntu0.22.04

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.80",
            "binary_version": "1.80.1+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "libstd-rust-1.80",
            "binary_version": "1.80.1+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.80-all",
            "binary_version": "1.80.1+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.80-clippy",
            "binary_version": "1.80.1+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.80-gdb",
            "binary_version": "1.80.1+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.80-lldb",
            "binary_version": "1.80.1+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.80-src",
            "binary_version": "1.80.1+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rustc-1.80",
            "binary_version": "1.80.1+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rustfmt-1.80",
            "binary_version": "1.80.1+dfsg0ubuntu1~bpo0-0ubuntu0.22.04.1"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:22.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.81

Package

Name
rustc-1.81
Purl
pkg:deb/ubuntu/rustc-1.81@1.81.0+dfsg0ubuntu0-0ubuntu0.22.04.1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.81.0+dfsg0ubuntu0-0ubuntu0.22.04.1

Affected versions

1.*
1.81.0+dfsg0ubuntu0-0ubuntu0.22.04

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.81",
            "binary_version": "1.81.0+dfsg0ubuntu0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "libstd-rust-1.81",
            "binary_version": "1.81.0+dfsg0ubuntu0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.81-all",
            "binary_version": "1.81.0+dfsg0ubuntu0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.81-clippy",
            "binary_version": "1.81.0+dfsg0ubuntu0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.81-gdb",
            "binary_version": "1.81.0+dfsg0ubuntu0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.81-lldb",
            "binary_version": "1.81.0+dfsg0ubuntu0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.81-src",
            "binary_version": "1.81.0+dfsg0ubuntu0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rustc-1.81",
            "binary_version": "1.81.0+dfsg0ubuntu0-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rustfmt-1.81",
            "binary_version": "1.81.0+dfsg0ubuntu0-0ubuntu0.22.04.1"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:22.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.82

Package

Name
rustc-1.82
Purl
pkg:deb/ubuntu/rustc-1.82@1.82.0+dfsg0ubuntu0~jammy-0ubuntu0.22.04.1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.82.0+dfsg0ubuntu0~jammy-0ubuntu0.22.04.1

Affected versions

1.*
1.82.0+dfsg0ubuntu0~jammy-0ubuntu0.22.04

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.82",
            "binary_version": "1.82.0+dfsg0ubuntu0~jammy-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "libstd-rust-1.82",
            "binary_version": "1.82.0+dfsg0ubuntu0~jammy-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.82-all",
            "binary_version": "1.82.0+dfsg0ubuntu0~jammy-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.82-clippy",
            "binary_version": "1.82.0+dfsg0ubuntu0~jammy-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.82-gdb",
            "binary_version": "1.82.0+dfsg0ubuntu0~jammy-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.82-lldb",
            "binary_version": "1.82.0+dfsg0ubuntu0~jammy-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rust-1.82-src",
            "binary_version": "1.82.0+dfsg0ubuntu0~jammy-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rustc-1.82",
            "binary_version": "1.82.0+dfsg0ubuntu0~jammy-0ubuntu0.22.04.1"
        },
        {
            "binary_name": "rustfmt-1.82",
            "binary_version": "1.82.0+dfsg0ubuntu0~jammy-0ubuntu0.22.04.1"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:22.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.83

Package

Name
rustc-1.83
Purl
pkg:deb/ubuntu/rustc-1.83@1.83.0+dfsg0ubuntu2~bpo2-0ubuntu2.22.04.1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.83.0+dfsg0ubuntu2~bpo2-0ubuntu2.22.04.1

Affected versions

1.*
1.83.0+dfsg0ubuntu2~bpo2-0ubuntu2.22.04~ppa3

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.83",
            "binary_version": "1.83.0+dfsg0ubuntu2~bpo2-0ubuntu2.22.04.1"
        },
        {
            "binary_name": "libstd-rust-1.83",
            "binary_version": "1.83.0+dfsg0ubuntu2~bpo2-0ubuntu2.22.04.1"
        },
        {
            "binary_name": "rust-1.83-all",
            "binary_version": "1.83.0+dfsg0ubuntu2~bpo2-0ubuntu2.22.04.1"
        },
        {
            "binary_name": "rust-1.83-clippy",
            "binary_version": "1.83.0+dfsg0ubuntu2~bpo2-0ubuntu2.22.04.1"
        },
        {
            "binary_name": "rust-1.83-gdb",
            "binary_version": "1.83.0+dfsg0ubuntu2~bpo2-0ubuntu2.22.04.1"
        },
        {
            "binary_name": "rust-1.83-lldb",
            "binary_version": "1.83.0+dfsg0ubuntu2~bpo2-0ubuntu2.22.04.1"
        },
        {
            "binary_name": "rust-1.83-src",
            "binary_version": "1.83.0+dfsg0ubuntu2~bpo2-0ubuntu2.22.04.1"
        },
        {
            "binary_name": "rustc-1.83",
            "binary_version": "1.83.0+dfsg0ubuntu2~bpo2-0ubuntu2.22.04.1"
        },
        {
            "binary_name": "rustfmt-1.83",
            "binary_version": "1.83.0+dfsg0ubuntu2~bpo2-0ubuntu2.22.04.1"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:22.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.84

Package

Name
rustc-1.84
Purl
pkg:deb/ubuntu/rustc-1.84@1.84.1+dfsg0ubuntu1~bpo10-0ubuntu4.22.04.1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.84.1+dfsg0ubuntu1~bpo10-0ubuntu4.22.04.1

Affected versions

1.*
1.84.1+dfsg0ubuntu1~bpo10-0ubuntu4.22.04

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.84",
            "binary_version": "1.84.1+dfsg0ubuntu1~bpo10-0ubuntu4.22.04.1"
        },
        {
            "binary_name": "libstd-rust-1.84",
            "binary_version": "1.84.1+dfsg0ubuntu1~bpo10-0ubuntu4.22.04.1"
        },
        {
            "binary_name": "rust-1.84-all",
            "binary_version": "1.84.1+dfsg0ubuntu1~bpo10-0ubuntu4.22.04.1"
        },
        {
            "binary_name": "rust-1.84-clippy",
            "binary_version": "1.84.1+dfsg0ubuntu1~bpo10-0ubuntu4.22.04.1"
        },
        {
            "binary_name": "rust-1.84-gdb",
            "binary_version": "1.84.1+dfsg0ubuntu1~bpo10-0ubuntu4.22.04.1"
        },
        {
            "binary_name": "rust-1.84-lldb",
            "binary_version": "1.84.1+dfsg0ubuntu1~bpo10-0ubuntu4.22.04.1"
        },
        {
            "binary_name": "rust-1.84-src",
            "binary_version": "1.84.1+dfsg0ubuntu1~bpo10-0ubuntu4.22.04.1"
        },
        {
            "binary_name": "rustc-1.84",
            "binary_version": "1.84.1+dfsg0ubuntu1~bpo10-0ubuntu4.22.04.1"
        },
        {
            "binary_name": "rustfmt-1.84",
            "binary_version": "1.84.1+dfsg0ubuntu1~bpo10-0ubuntu4.22.04.1"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:22.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.85

Package

Name
rustc-1.85
Purl
pkg:deb/ubuntu/rustc-1.85@1.85.1+dfsg0ubuntu2~bpo0-0ubuntu1.22.04.1?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.85.1+dfsg0ubuntu2~bpo0-0ubuntu1.22.04.1

Affected versions

1.*
1.85.1+dfsg0ubuntu2~bpo0-0ubuntu0.22.03
1.85.1+dfsg0ubuntu2~bpo0-0ubuntu1.22.04

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.85",
            "binary_version": "1.85.1+dfsg0ubuntu2~bpo0-0ubuntu1.22.04.1"
        },
        {
            "binary_name": "libstd-rust-1.85",
            "binary_version": "1.85.1+dfsg0ubuntu2~bpo0-0ubuntu1.22.04.1"
        },
        {
            "binary_name": "rust-1.85-all",
            "binary_version": "1.85.1+dfsg0ubuntu2~bpo0-0ubuntu1.22.04.1"
        },
        {
            "binary_name": "rust-1.85-clippy",
            "binary_version": "1.85.1+dfsg0ubuntu2~bpo0-0ubuntu1.22.04.1"
        },
        {
            "binary_name": "rust-1.85-gdb",
            "binary_version": "1.85.1+dfsg0ubuntu2~bpo0-0ubuntu1.22.04.1"
        },
        {
            "binary_name": "rust-1.85-lldb",
            "binary_version": "1.85.1+dfsg0ubuntu2~bpo0-0ubuntu1.22.04.1"
        },
        {
            "binary_name": "rust-1.85-src",
            "binary_version": "1.85.1+dfsg0ubuntu2~bpo0-0ubuntu1.22.04.1"
        },
        {
            "binary_name": "rustc-1.85",
            "binary_version": "1.85.1+dfsg0ubuntu2~bpo0-0ubuntu1.22.04.1"
        },
        {
            "binary_name": "rustfmt-1.85",
            "binary_version": "1.85.1+dfsg0ubuntu2~bpo0-0ubuntu1.22.04.1"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:22.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.89

Package

Name
rustc-1.89
Purl
pkg:deb/ubuntu/rustc-1.89@1.89.0+dfsg~24.04-0ubuntu0.22.04.2?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.89.0+dfsg~24.04-0ubuntu0.22.04.2

Affected versions

1.*
1.89.0+dfsg~24.04-0ubuntu0.22.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.89",
            "binary_version": "1.89.0+dfsg~24.04-0ubuntu0.22.04.2"
        },
        {
            "binary_name": "libstd-rust-1.89",
            "binary_version": "1.89.0+dfsg~24.04-0ubuntu0.22.04.2"
        },
        {
            "binary_name": "rust-1.89-all",
            "binary_version": "1.89.0+dfsg~24.04-0ubuntu0.22.04.2"
        },
        {
            "binary_name": "rust-1.89-clippy",
            "binary_version": "1.89.0+dfsg~24.04-0ubuntu0.22.04.2"
        },
        {
            "binary_name": "rust-1.89-gdb",
            "binary_version": "1.89.0+dfsg~24.04-0ubuntu0.22.04.2"
        },
        {
            "binary_name": "rust-1.89-lldb",
            "binary_version": "1.89.0+dfsg~24.04-0ubuntu0.22.04.2"
        },
        {
            "binary_name": "rust-1.89-src",
            "binary_version": "1.89.0+dfsg~24.04-0ubuntu0.22.04.2"
        },
        {
            "binary_name": "rustc-1.89",
            "binary_version": "1.89.0+dfsg~24.04-0ubuntu0.22.04.2"
        },
        {
            "binary_name": "rustfmt-1.89",
            "binary_version": "1.89.0+dfsg~24.04-0ubuntu0.22.04.2"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:22.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.91

Package

Name
rustc-1.91
Purl
pkg:deb/ubuntu/rustc-1.91@1.91.1+dfsg~22.04-0ubuntu0.22.04.3?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.91.1+dfsg~22.04-0ubuntu0.22.04.3

Affected versions

1.*
1.91.1+dfsg~22.04-0ubuntu0.22.04.2

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.91",
            "binary_version": "1.91.1+dfsg~22.04-0ubuntu0.22.04.3"
        },
        {
            "binary_name": "libstd-rust-1.91",
            "binary_version": "1.91.1+dfsg~22.04-0ubuntu0.22.04.3"
        },
        {
            "binary_name": "rust-1.91-all",
            "binary_version": "1.91.1+dfsg~22.04-0ubuntu0.22.04.3"
        },
        {
            "binary_name": "rust-1.91-clippy",
            "binary_version": "1.91.1+dfsg~22.04-0ubuntu0.22.04.3"
        },
        {
            "binary_name": "rust-1.91-gdb",
            "binary_version": "1.91.1+dfsg~22.04-0ubuntu0.22.04.3"
        },
        {
            "binary_name": "rust-1.91-lldb",
            "binary_version": "1.91.1+dfsg~22.04-0ubuntu0.22.04.3"
        },
        {
            "binary_name": "rust-1.91-src",
            "binary_version": "1.91.1+dfsg~22.04-0ubuntu0.22.04.3"
        },
        {
            "binary_name": "rustc-1.91",
            "binary_version": "1.91.1+dfsg~22.04-0ubuntu0.22.04.3"
        },
        {
            "binary_name": "rustfmt-1.91",
            "binary_version": "1.91.1+dfsg~22.04-0ubuntu0.22.04.3"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:22.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
Ubuntu:24.04:LTS
rustc

Package

Name
rustc
Purl
pkg:deb/ubuntu/rustc@1.75.0+dfsg0ubuntu1-0ubuntu7.4?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.75.0+dfsg0ubuntu1-0ubuntu7.4

Affected versions

1.*
1.71.1+dfsg0ubuntu2-0ubuntu1
1.73.0+dfsg0ubuntu1-0ubuntu1
1.74.1+dfsg0ubuntu1-0ubuntu1
1.75.0+dfsg0ubuntu1-0ubuntu1
1.75.0+dfsg0ubuntu1-0ubuntu6
1.75.0+dfsg0ubuntu1-0ubuntu7
1.75.0+dfsg0ubuntu1-0ubuntu7.1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo",
            "binary_version": "1.75.0+dfsg0ubuntu1-0ubuntu7.4"
        },
        {
            "binary_name": "libstd-rust-1.75",
            "binary_version": "1.75.0+dfsg0ubuntu1-0ubuntu7.4"
        },
        {
            "binary_name": "rust-all",
            "binary_version": "1.75.0+dfsg0ubuntu1-0ubuntu7.4"
        },
        {
            "binary_name": "rust-clippy",
            "binary_version": "1.75.0+dfsg0ubuntu1-0ubuntu7.4"
        },
        {
            "binary_name": "rust-gdb",
            "binary_version": "1.75.0+dfsg0ubuntu1-0ubuntu7.4"
        },
        {
            "binary_name": "rust-lldb",
            "binary_version": "1.75.0+dfsg0ubuntu1-0ubuntu7.4"
        },
        {
            "binary_name": "rust-src",
            "binary_version": "1.75.0+dfsg0ubuntu1-0ubuntu7.4"
        },
        {
            "binary_name": "rustc",
            "binary_version": "1.75.0+dfsg0ubuntu1-0ubuntu7.4"
        },
        {
            "binary_name": "rustfmt",
            "binary_version": "1.75.0+dfsg0ubuntu1-0ubuntu7.4"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:24.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.74

Package

Name
rustc-1.74
Purl
pkg:deb/ubuntu/rustc-1.74@1.74.1+dfsg0ubuntu1-0ubuntu15?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.74.1+dfsg0ubuntu1-0ubuntu15

Affected versions

1.*
1.74.1+dfsg0ubuntu1-0ubuntu2
1.74.1+dfsg0ubuntu1-0ubuntu13

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.74",
            "binary_version": "1.74.1+dfsg0ubuntu1-0ubuntu15"
        },
        {
            "binary_name": "rust-1.74-all",
            "binary_version": "1.74.1+dfsg0ubuntu1-0ubuntu15"
        },
        {
            "binary_name": "rust-1.74-clippy",
            "binary_version": "1.74.1+dfsg0ubuntu1-0ubuntu15"
        },
        {
            "binary_name": "rust-1.74-gdb",
            "binary_version": "1.74.1+dfsg0ubuntu1-0ubuntu15"
        },
        {
            "binary_name": "rust-1.74-lldb",
            "binary_version": "1.74.1+dfsg0ubuntu1-0ubuntu15"
        },
        {
            "binary_name": "rust-1.74-src",
            "binary_version": "1.74.1+dfsg0ubuntu1-0ubuntu15"
        },
        {
            "binary_name": "rustc-1.74",
            "binary_version": "1.74.1+dfsg0ubuntu1-0ubuntu15"
        },
        {
            "binary_name": "rustfmt-1.74",
            "binary_version": "1.74.1+dfsg0ubuntu1-0ubuntu15"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:24.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.76

Package

Name
rustc-1.76
Purl
pkg:deb/ubuntu/rustc-1.76@1.76.0+dfsg0ubuntu1-0ubuntu0.24.04.2?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.76.0+dfsg0ubuntu1-0ubuntu0.24.04.2

Affected versions

1.*
1.76.0+dfsg0ubuntu1-0ubuntu0.24.04

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.76",
            "binary_version": "1.76.0+dfsg0ubuntu1-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "libstd-rust-1.76",
            "binary_version": "1.76.0+dfsg0ubuntu1-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.76-all",
            "binary_version": "1.76.0+dfsg0ubuntu1-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.76-clippy",
            "binary_version": "1.76.0+dfsg0ubuntu1-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.76-gdb",
            "binary_version": "1.76.0+dfsg0ubuntu1-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.76-lldb",
            "binary_version": "1.76.0+dfsg0ubuntu1-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.76-src",
            "binary_version": "1.76.0+dfsg0ubuntu1-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rustc-1.76",
            "binary_version": "1.76.0+dfsg0ubuntu1-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rustfmt-1.76",
            "binary_version": "1.76.0+dfsg0ubuntu1-0ubuntu0.24.04.2"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:24.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.77

Package

Name
rustc-1.77
Purl
pkg:deb/ubuntu/rustc-1.77@1.77.2+dfsg1ubuntu1-0ubuntu0.24.04.1?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.77.2+dfsg1ubuntu1-0ubuntu0.24.04.1

Affected versions

1.*
1.77.2+dfsg1ubuntu1-0ubuntu0.24.04

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.77",
            "binary_version": "1.77.2+dfsg1ubuntu1-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "libstd-rust-1.77",
            "binary_version": "1.77.2+dfsg1ubuntu1-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.77-all",
            "binary_version": "1.77.2+dfsg1ubuntu1-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.77-clippy",
            "binary_version": "1.77.2+dfsg1ubuntu1-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.77-gdb",
            "binary_version": "1.77.2+dfsg1ubuntu1-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.77-lldb",
            "binary_version": "1.77.2+dfsg1ubuntu1-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.77-src",
            "binary_version": "1.77.2+dfsg1ubuntu1-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rustc-1.77",
            "binary_version": "1.77.2+dfsg1ubuntu1-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rustfmt-1.77",
            "binary_version": "1.77.2+dfsg1ubuntu1-0ubuntu0.24.04.1"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:24.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.78

Package

Name
rustc-1.78
Purl
pkg:deb/ubuntu/rustc-1.78@1.78.0+dfsg1ubuntu1-0ubuntu0.24.04.2?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.78.0+dfsg1ubuntu1-0ubuntu0.24.04.2

Affected versions

1.*
1.78.0+dfsg1ubuntu1-0ubuntu0.24.04

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.78",
            "binary_version": "1.78.0+dfsg1ubuntu1-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "libstd-rust-1.78",
            "binary_version": "1.78.0+dfsg1ubuntu1-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.78-all",
            "binary_version": "1.78.0+dfsg1ubuntu1-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.78-clippy",
            "binary_version": "1.78.0+dfsg1ubuntu1-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.78-gdb",
            "binary_version": "1.78.0+dfsg1ubuntu1-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.78-lldb",
            "binary_version": "1.78.0+dfsg1ubuntu1-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.78-src",
            "binary_version": "1.78.0+dfsg1ubuntu1-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rustc-1.78",
            "binary_version": "1.78.0+dfsg1ubuntu1-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rustfmt-1.78",
            "binary_version": "1.78.0+dfsg1ubuntu1-0ubuntu0.24.04.2"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:24.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.79

Package

Name
rustc-1.79
Purl
pkg:deb/ubuntu/rustc-1.79@1.79.0+dfsg1ubuntu1-0ubuntu0.24.04.1?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.79.0+dfsg1ubuntu1-0ubuntu0.24.04.1

Affected versions

1.*
1.79.0+dfsg1ubuntu1-0ubuntu0.24.04

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.79",
            "binary_version": "1.79.0+dfsg1ubuntu1-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "libstd-rust-1.79",
            "binary_version": "1.79.0+dfsg1ubuntu1-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.79-all",
            "binary_version": "1.79.0+dfsg1ubuntu1-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.79-clippy",
            "binary_version": "1.79.0+dfsg1ubuntu1-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.79-gdb",
            "binary_version": "1.79.0+dfsg1ubuntu1-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.79-lldb",
            "binary_version": "1.79.0+dfsg1ubuntu1-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.79-src",
            "binary_version": "1.79.0+dfsg1ubuntu1-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rustc-1.79",
            "binary_version": "1.79.0+dfsg1ubuntu1-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rustfmt-1.79",
            "binary_version": "1.79.0+dfsg1ubuntu1-0ubuntu0.24.04.1"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:24.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.80

Package

Name
rustc-1.80
Purl
pkg:deb/ubuntu/rustc-1.80@1.80.1+dfsg0ubuntu1-0ubuntu0.24.04.01?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.80.1+dfsg0ubuntu1-0ubuntu0.24.04.01

Affected versions

1.*
1.80.1+dfsg0ubuntu1-0ubuntu0.24.04

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.80",
            "binary_version": "1.80.1+dfsg0ubuntu1-0ubuntu0.24.04.01"
        },
        {
            "binary_name": "libstd-rust-1.80",
            "binary_version": "1.80.1+dfsg0ubuntu1-0ubuntu0.24.04.01"
        },
        {
            "binary_name": "rust-1.80-all",
            "binary_version": "1.80.1+dfsg0ubuntu1-0ubuntu0.24.04.01"
        },
        {
            "binary_name": "rust-1.80-clippy",
            "binary_version": "1.80.1+dfsg0ubuntu1-0ubuntu0.24.04.01"
        },
        {
            "binary_name": "rust-1.80-gdb",
            "binary_version": "1.80.1+dfsg0ubuntu1-0ubuntu0.24.04.01"
        },
        {
            "binary_name": "rust-1.80-lldb",
            "binary_version": "1.80.1+dfsg0ubuntu1-0ubuntu0.24.04.01"
        },
        {
            "binary_name": "rust-1.80-src",
            "binary_version": "1.80.1+dfsg0ubuntu1-0ubuntu0.24.04.01"
        },
        {
            "binary_name": "rustc-1.80",
            "binary_version": "1.80.1+dfsg0ubuntu1-0ubuntu0.24.04.01"
        },
        {
            "binary_name": "rustfmt-1.80",
            "binary_version": "1.80.1+dfsg0ubuntu1-0ubuntu0.24.04.01"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:24.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.81

Package

Name
rustc-1.81
Purl
pkg:deb/ubuntu/rustc-1.81@1.81.0+dfsg0ubuntu1-0ubuntu0.24.04.1?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.81.0+dfsg0ubuntu1-0ubuntu0.24.04.1

Affected versions

1.*
1.81.0+dfsg0ubuntu1-0ubuntu0.24.04

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.81",
            "binary_version": "1.81.0+dfsg0ubuntu1-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "libstd-rust-1.81",
            "binary_version": "1.81.0+dfsg0ubuntu1-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.81-all",
            "binary_version": "1.81.0+dfsg0ubuntu1-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.81-clippy",
            "binary_version": "1.81.0+dfsg0ubuntu1-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.81-gdb",
            "binary_version": "1.81.0+dfsg0ubuntu1-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.81-lldb",
            "binary_version": "1.81.0+dfsg0ubuntu1-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.81-src",
            "binary_version": "1.81.0+dfsg0ubuntu1-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rustc-1.81",
            "binary_version": "1.81.0+dfsg0ubuntu1-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rustfmt-1.81",
            "binary_version": "1.81.0+dfsg0ubuntu1-0ubuntu0.24.04.1"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:24.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.82

Package

Name
rustc-1.82
Purl
pkg:deb/ubuntu/rustc-1.82@1.82.0+dfsg0ubuntu0-0ubuntu0.24.04.1?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.82.0+dfsg0ubuntu0-0ubuntu0.24.04.1

Affected versions

1.*
1.82.0+dfsg0ubuntu0-0ubuntu0.24.04

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.82",
            "binary_version": "1.82.0+dfsg0ubuntu0-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "libstd-rust-1.82",
            "binary_version": "1.82.0+dfsg0ubuntu0-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.82-all",
            "binary_version": "1.82.0+dfsg0ubuntu0-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.82-clippy",
            "binary_version": "1.82.0+dfsg0ubuntu0-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.82-gdb",
            "binary_version": "1.82.0+dfsg0ubuntu0-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.82-lldb",
            "binary_version": "1.82.0+dfsg0ubuntu0-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.82-src",
            "binary_version": "1.82.0+dfsg0ubuntu0-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rustc-1.82",
            "binary_version": "1.82.0+dfsg0ubuntu0-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rustfmt-1.82",
            "binary_version": "1.82.0+dfsg0ubuntu0-0ubuntu0.24.04.1"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:24.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.83

Package

Name
rustc-1.83
Purl
pkg:deb/ubuntu/rustc-1.83@1.83.0+dfsg0ubuntu1~bpo2-0ubuntu0.24.04.1?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.83.0+dfsg0ubuntu1~bpo2-0ubuntu0.24.04.1

Affected versions

1.*
1.83.0+dfsg0ubuntu1~bpo2-0ubuntu0.24.04

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.83",
            "binary_version": "1.83.0+dfsg0ubuntu1~bpo2-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "libstd-rust-1.83",
            "binary_version": "1.83.0+dfsg0ubuntu1~bpo2-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.83-all",
            "binary_version": "1.83.0+dfsg0ubuntu1~bpo2-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.83-clippy",
            "binary_version": "1.83.0+dfsg0ubuntu1~bpo2-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.83-gdb",
            "binary_version": "1.83.0+dfsg0ubuntu1~bpo2-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.83-lldb",
            "binary_version": "1.83.0+dfsg0ubuntu1~bpo2-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rust-1.83-src",
            "binary_version": "1.83.0+dfsg0ubuntu1~bpo2-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rustc-1.83",
            "binary_version": "1.83.0+dfsg0ubuntu1~bpo2-0ubuntu0.24.04.1"
        },
        {
            "binary_name": "rustfmt-1.83",
            "binary_version": "1.83.0+dfsg0ubuntu1~bpo2-0ubuntu0.24.04.1"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:24.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.84

Package

Name
rustc-1.84
Purl
pkg:deb/ubuntu/rustc-1.84@1.84.1+dfsg0ubuntu1~bpo2-0ubuntu2.24.04.1?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.84.1+dfsg0ubuntu1~bpo2-0ubuntu2.24.04.1

Affected versions

1.*
1.84.1+dfsg0ubuntu1~bpo2-0ubuntu2.24.04

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.84",
            "binary_version": "1.84.1+dfsg0ubuntu1~bpo2-0ubuntu2.24.04.1"
        },
        {
            "binary_name": "libstd-rust-1.84",
            "binary_version": "1.84.1+dfsg0ubuntu1~bpo2-0ubuntu2.24.04.1"
        },
        {
            "binary_name": "rust-1.84-all",
            "binary_version": "1.84.1+dfsg0ubuntu1~bpo2-0ubuntu2.24.04.1"
        },
        {
            "binary_name": "rust-1.84-clippy",
            "binary_version": "1.84.1+dfsg0ubuntu1~bpo2-0ubuntu2.24.04.1"
        },
        {
            "binary_name": "rust-1.84-gdb",
            "binary_version": "1.84.1+dfsg0ubuntu1~bpo2-0ubuntu2.24.04.1"
        },
        {
            "binary_name": "rust-1.84-lldb",
            "binary_version": "1.84.1+dfsg0ubuntu1~bpo2-0ubuntu2.24.04.1"
        },
        {
            "binary_name": "rust-1.84-src",
            "binary_version": "1.84.1+dfsg0ubuntu1~bpo2-0ubuntu2.24.04.1"
        },
        {
            "binary_name": "rustc-1.84",
            "binary_version": "1.84.1+dfsg0ubuntu1~bpo2-0ubuntu2.24.04.1"
        },
        {
            "binary_name": "rustfmt-1.84",
            "binary_version": "1.84.1+dfsg0ubuntu1~bpo2-0ubuntu2.24.04.1"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:24.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.85

Package

Name
rustc-1.85
Purl
pkg:deb/ubuntu/rustc-1.85@1.85.1+dfsg0ubuntu2~bpo0-0ubuntu0.24.04.2?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.85.1+dfsg0ubuntu2~bpo0-0ubuntu0.24.04.2

Affected versions

1.*
1.85.1+dfsg0ubuntu2~bpo0-0ubuntu0.24.04

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.85",
            "binary_version": "1.85.1+dfsg0ubuntu2~bpo0-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "libstd-rust-1.85",
            "binary_version": "1.85.1+dfsg0ubuntu2~bpo0-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.85-all",
            "binary_version": "1.85.1+dfsg0ubuntu2~bpo0-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.85-clippy",
            "binary_version": "1.85.1+dfsg0ubuntu2~bpo0-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.85-gdb",
            "binary_version": "1.85.1+dfsg0ubuntu2~bpo0-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.85-lldb",
            "binary_version": "1.85.1+dfsg0ubuntu2~bpo0-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.85-src",
            "binary_version": "1.85.1+dfsg0ubuntu2~bpo0-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rustc-1.85",
            "binary_version": "1.85.1+dfsg0ubuntu2~bpo0-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rustfmt-1.85",
            "binary_version": "1.85.1+dfsg0ubuntu2~bpo0-0ubuntu0.24.04.2"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:24.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.89

Package

Name
rustc-1.89
Purl
pkg:deb/ubuntu/rustc-1.89@1.89.0+dfsg~24.04-0ubuntu0.24.04.2?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.89.0+dfsg~24.04-0ubuntu0.24.04.2

Affected versions

1.*
1.89.0+dfsg~24.04-0ubuntu0.24.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.89",
            "binary_version": "1.89.0+dfsg~24.04-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "libstd-rust-1.89",
            "binary_version": "1.89.0+dfsg~24.04-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.89-all",
            "binary_version": "1.89.0+dfsg~24.04-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.89-clippy",
            "binary_version": "1.89.0+dfsg~24.04-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.89-gdb",
            "binary_version": "1.89.0+dfsg~24.04-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.89-lldb",
            "binary_version": "1.89.0+dfsg~24.04-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.89-src",
            "binary_version": "1.89.0+dfsg~24.04-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rustc-1.89",
            "binary_version": "1.89.0+dfsg~24.04-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rustfmt-1.89",
            "binary_version": "1.89.0+dfsg~24.04-0ubuntu0.24.04.2"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:24.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.91

Package

Name
rustc-1.91
Purl
pkg:deb/ubuntu/rustc-1.91@1.91.1+dfsg~24.04-0ubuntu0.24.04.2?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.91.1+dfsg~24.04-0ubuntu0.24.04.2

Affected versions

1.*
1.91.1+dfsg~24.04-0ubuntu0.24.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.91",
            "binary_version": "1.91.1+dfsg~24.04-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "libstd-rust-1.91",
            "binary_version": "1.91.1+dfsg~24.04-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.91-all",
            "binary_version": "1.91.1+dfsg~24.04-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.91-clippy",
            "binary_version": "1.91.1+dfsg~24.04-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.91-gdb",
            "binary_version": "1.91.1+dfsg~24.04-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.91-lldb",
            "binary_version": "1.91.1+dfsg~24.04-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rust-1.91-src",
            "binary_version": "1.91.1+dfsg~24.04-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rustc-1.91",
            "binary_version": "1.91.1+dfsg~24.04-0ubuntu0.24.04.2"
        },
        {
            "binary_name": "rustfmt-1.91",
            "binary_version": "1.91.1+dfsg~24.04-0ubuntu0.24.04.2"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:24.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
Ubuntu:25.10
rustc-1.85

Package

Name
rustc-1.85
Purl
pkg:deb/ubuntu/rustc-1.85@1.85.1+dfsg0ubuntu2-0ubuntu1.25.04.1?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.85.1+dfsg0ubuntu2-0ubuntu1.25.04.1

Affected versions

1.*
1.85.1+dfsg0ubuntu1-0ubuntu1
1.85.1+dfsg0ubuntu2-0ubuntu1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.85",
            "binary_version": "1.85.1+dfsg0ubuntu2-0ubuntu1.25.04.1"
        },
        {
            "binary_name": "libstd-rust-1.85",
            "binary_version": "1.85.1+dfsg0ubuntu2-0ubuntu1.25.04.1"
        },
        {
            "binary_name": "rust-1.85-all",
            "binary_version": "1.85.1+dfsg0ubuntu2-0ubuntu1.25.04.1"
        },
        {
            "binary_name": "rust-1.85-clippy",
            "binary_version": "1.85.1+dfsg0ubuntu2-0ubuntu1.25.04.1"
        },
        {
            "binary_name": "rust-1.85-gdb",
            "binary_version": "1.85.1+dfsg0ubuntu2-0ubuntu1.25.04.1"
        },
        {
            "binary_name": "rust-1.85-lldb",
            "binary_version": "1.85.1+dfsg0ubuntu2-0ubuntu1.25.04.1"
        },
        {
            "binary_name": "rust-1.85-src",
            "binary_version": "1.85.1+dfsg0ubuntu2-0ubuntu1.25.04.1"
        },
        {
            "binary_name": "rustc-1.85",
            "binary_version": "1.85.1+dfsg0ubuntu2-0ubuntu1.25.04.1"
        },
        {
            "binary_name": "rustfmt-1.85",
            "binary_version": "1.85.1+dfsg0ubuntu2-0ubuntu1.25.04.1"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:25.10"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"
rustc-1.88

Package

Name
rustc-1.88
Purl
pkg:deb/ubuntu/rustc-1.88@1.88.0+dfsg0ubuntu1-0ubuntu2?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.88.0+dfsg0ubuntu1-0ubuntu2

Affected versions

1.*
1.88.0+dfsg0ubuntu1-0ubuntu1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_name": "cargo-1.88",
            "binary_version": "1.88.0+dfsg0ubuntu1-0ubuntu2"
        },
        {
            "binary_name": "libstd-rust-1.88",
            "binary_version": "1.88.0+dfsg0ubuntu1-0ubuntu2"
        },
        {
            "binary_name": "rust-1.88-all",
            "binary_version": "1.88.0+dfsg0ubuntu1-0ubuntu2"
        },
        {
            "binary_name": "rust-1.88-clippy",
            "binary_version": "1.88.0+dfsg0ubuntu1-0ubuntu2"
        },
        {
            "binary_name": "rust-1.88-gdb",
            "binary_version": "1.88.0+dfsg0ubuntu1-0ubuntu2"
        },
        {
            "binary_name": "rust-1.88-lldb",
            "binary_version": "1.88.0+dfsg0ubuntu1-0ubuntu2"
        },
        {
            "binary_name": "rust-1.88-src",
            "binary_version": "1.88.0+dfsg0ubuntu1-0ubuntu2"
        },
        {
            "binary_name": "rustc-1.88",
            "binary_version": "1.88.0+dfsg0ubuntu1-0ubuntu2"
        },
        {
            "binary_name": "rustfmt-1.88",
            "binary_version": "1.88.0+dfsg0ubuntu1-0ubuntu2"
        }
    ]
}

Database specific

cves_map
{
    "cves": [
        {
            "id": "CVE-2026-33056",
            "severity": [
                {
                    "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                    "type": "CVSS_V4"
                },
                {
                    "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
                    "type": "CVSS_V3"
                },
                {
                    "score": "medium",
                    "type": "Ubuntu"
                }
            ]
        }
    ],
    "ecosystem": "Ubuntu:25.10"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-8168-1.json"