{"affected":[{"ecosystem_specific":{"binaries":[{"rust-keylime":"0.2.8+12-slfo.1.1_1.1"}]},"package":{"ecosystem":"SUSE:Linux Micro 6.1","name":"rust-keylime","purl":"pkg:rpm/suse/rust-keylime&distro=SUSE%20Linux%20Micro%206.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.2.8+12-slfo.1.1_1.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for rust-keylime fixes the following issues:\n\n- CVE-2025-55159: slab: incorrect bounds check in get_disjoint_mut function can lead to undefined behavior or potential crash due to out-of-bounds access (bsc#1248006)\n- CVE-2025-3416: openssl: Use-After-Free in Md::fetch and Cipher::fetch in rust-openssl crate (bsc#1242623)\n- CVE-2024-58266: shlex: certain bytes allowed to appear unquoted and unescaped in command arguments (bsc#1247193)\n- CVE-2024-43806: rustix: rustix::fs::Dir iterator with the linux_raw backend can cause memory explosion (bsc#1229952)\n- CVE-2024-12224: idna: idna accepts Punycode labels that do not produce any non-ASCII when decoded (bsc#1243861)\n\n- RUSTSEC-2024-0006: Multiple issues involving quote API (bsc#1230029)\n","id":"SUSE-SU-2025:20858-1","modified":"2025-10-14T13:18:43Z","published":"2025-10-14T13:18:43Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202520858-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1229952"},{"type":"REPORT","url":"https://bugzilla.suse.com/1230029"},{"type":"REPORT","url":"https://bugzilla.suse.com/1242623"},{"type":"REPORT","url":"https://bugzilla.suse.com/1243861"},{"type":"REPORT","url":"https://bugzilla.suse.com/1247193"},{"type":"REPORT","url":"https://bugzilla.suse.com/1248006"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-12224"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-43806"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2024-58266"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-3416"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-55159"}],"related":["CVE-2024-12224","CVE-2024-43806","CVE-2024-58266","CVE-2025-3416","CVE-2025-55159"],"summary":"Security update for rust-keylime","upstream":["CVE-2024-12224","CVE-2024-43806","CVE-2024-58266","CVE-2025-3416","CVE-2025-55159"]}