Rust Security Update Advisory (CVE-2024-24576)

Apr 11 2024

Overview

The Rust Security Labs WG has released a security update that fixes vulnerabilities in the Rust language. users of affected products are advised to update to the latest version.

Affected Products

Versions of the Rust language prior to 1.77.2

Resolved Vulnerabilities

Arbitrary shell command execution vulnerability due to failure to properly escape arguments when calling a batch file on Windows using the API in the Rust language (CVE-2024-24576)

Vulnerability Patches

vulnerability Patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

Rust language version 1.77.2

Referenced Sites

[1] `std::process::Command` did not properly escape arguments of batch files on Windows

https://github.com/rust-lang/rust/security/advisories/GHSA-q455-m56c-85mh

{2] Security policy

https://www.rust-lang.org/policies/security

Rust Security Update Advisory (CVE-2024-24576)

Overview

Affected Products

Resolved Vulnerabilities

Vulnerability Patches

Referenced Sites

Broadcom Product Security Update Advisory (CVE-2023-3454)

Fortinet Family (FortiOS, FortiProxy, FortiClientLinux, FortiSandbox) Security Update Recommendations

Overview

Affected Products

Resolved Vulnerabilities

Vulnerability Patches

Referenced Sites

Tags:

Broadcom Product Security Update Advisory (CVE-2023-3454)

Fortinet Family (FortiOS, FortiProxy, FortiClientLinux, FortiSandbox) Security Update Recommendations