Msrc Azl3 Rust 1.75.0-25 On Azure Linux 3.0 vulnerabilities

9 known vulnerabilities affecting msrc/azl3_rust_1.75.0-25_on_azure_linux_3.0.

Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2MEDIUM6LOW1

Vulnerabilities

Page 1 of 1
CVE-2026-27135HIGHCVSS 7.52026-03-10
CVE-2026-27135 [HIGH] CWE-617 nghttp2 Denial of service: Assertion failure due to the missing state validation nghttp2 Denial of service: Assertion failure due to the missing state validation Mariner: Mariner GitHub_M: GitHub_M Customer Action Required: Yes Remediation: CBL-Mariner Releases Reference: https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade
msrc
CVE-2026-3805HIGHCVSS 7.52026-03-10
CVE-2026-3805 [HIGH] use after free in SMB connection reuse use after free in SMB connection reuse Mariner: Mariner curl: curl Customer Action Required: Yes
msrc
CVE-2026-3784MEDIUMCVSS 6.52026-03-10
CVE-2026-3784 [MEDIUM] wrong proxy connection reuse with credentials wrong proxy connection reuse with credentials Mariner: Mariner curl: curl Customer Action Required: Yes
msrc
CVE-2026-33055MEDIUMCVSS 5.12026-03-10
CVE-2026-33055 [MEDIUM] CWE-843 tar-rs incorrectly ignores PAX size headers if header size is nonzero tar-rs incorrectly ignores PAX size headers if header size is nonzero Mariner: Mariner GitHub_M: GitHub_M Customer Action Required: Yes
msrc
CVE-2026-1965MEDIUMCVSS 6.52026-03-10
CVE-2026-1965 [MEDIUM] bad reuse of HTTP Negotiate connection bad reuse of HTTP Negotiate connection Mariner: Mariner curl: curl Customer Action Required: Yes
msrc
CVE-2026-3783MEDIUMCVSS 5.32026-03-10
CVE-2026-3783 [MEDIUM] token leak with redirect and netrc token leak with redirect and netrc Mariner: Mariner curl: curl Customer Action Required: Yes
msrc
CVE-2026-33056MEDIUMCVSS 5.12026-03-10
CVE-2026-33056 [MEDIUM] CWE-61 tar-rs: unpack_in can chmod arbitrary directories by following symlinks tar-rs: unpack_in can chmod arbitrary directories by following symlinks Mariner: Mariner GitHub_M: GitHub_M Customer Action Required: Yes
msrc
CVE-2026-2673MEDIUMCVSS 5.32026-03-10
CVE-2026-2673 [HIGH] CWE-757 OpenSSL TLS 1.3 server may choose unexpected key agreement group OpenSSL TLS 1.3 server may choose unexpected key agreement group Mariner: Mariner openssl: openssl Customer Action Required: Yes
msrc
CVE-2024-58266LOWCVSS 3.22025-07-08
CVE-2024-58266 [LOW] CWE-116 The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the { and \xa0 characters, which may facilitate command injection. The shlex crate before 1.2.1 for Rust allows unquoted and unescaped instances of the { and \xa0 characters, which may facilitate command injection. FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability? One of the main benefits to
msrc
Msrc Azl3 Rust 1.75.0-25 On Azure Linux 3.0 vulnerabilities | cvebase