Package impact
RUST / coreutils
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2026-35368 | high | — | 8.0 | 1mo ago | A vulnerability exists in the chroot utility of uutils coreutils when using the --userspec option. The utility resolves the user specification via getpwnam() after entering the chroot but before drop… | |
| CVE-2026-35338 | high | — | 8.0 | 1mo ago | A vulnerability in the chmod utility of uutils coreutils allows users to bypass the --preserve-root safety mechanism. The implementation only validates if the target path is literally / and does not … | |
| CVE-2026-35341 | high | — | 8.0 | 1mo ago | A vulnerability in uutils coreutils mkfifo allows for the unauthorized modification of permissions on existing files. When mkfifo fails to create a FIFO because a file already exists at the target pa… | |
| CVE-2026-35352 | high | 7.0 | 7.0 | 1mo ago | A Time-of-Check to Time-of-Use (TOCTOU) race condition exists in the mkfifo utility of uutils coreutils. The utility creates a FIFO and then performs a path-based chmod to set permissions. A local at… |