CVE-2024-58266

Опубликовано: 27 июл. 2025

Источник: debian

EPSS Низкий

Описание

The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the { and \xa0 characters, which may facilitate command injection.

Пакет	Статус	Версия исправления	Релиз	Тип
rust-shlex	fixed	1.3.0-1		package
rust-shlex	no-dsa		bookworm	package
rust-shlex	no-dsa		bullseye	package
rust-shlex	no-dsa		buster	package

EPSS

Процентиль: 14%

0.0006

Низкий

CVE-2024-58266

CVSS3: 3.2

ubuntu

4 месяца назад

The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the { and \xa0 characters, which may facilitate command injection.

CVE-2024-58266

CVSS3: 3.2

redhat

4 месяца назад

The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the { and \xa0 characters, which may facilitate command injection.

CVE-2024-58266

CVSS3: 3.2

nvd

4 месяца назад

The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the { and \xa0 characters, which may facilitate command injection.

CVE-2024-58266

CVSS3: 3.2

msrc

3 месяца назад

The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the { and \xa0 characters, which may facilitate command injection.

SUSE-SU-2025:03077-1

suse-cvrf

3 месяца назад

Security update for rav1e

EPSS

Процентиль: 14%

0.0006

Низкий