pkg:crates.io/coreutils

44 total CVEsHIGH4MEDIUM25LOW15

✅ Check your installed version

All known vulnerabilities

  • HIGH7.8CVE-2026-35368uutils coreutils has an Untrusted Search Path
    from 0, <= 0.8.0
  • HIGH7.3CVE-2026-35338uutils coreutils allows users to bypass the --preserve-root safety mechanism
    from 0, < 0.6.0
  • HIGH7.1CVE-2026-35341uutils coreutils allows unauthorized modification of permissions on existing files
    from 0, <= 0.8.0
  • HIGH7.0CVE-2026-35352uutils coreutils has a Time-of-Check to Time-of-Use (TOCTOU) race condition
    from 0, <= 0.8.0
  • MEDIUM6.7CVE-2026-35349uutils coreutils has a Link Following Issue Via rm Utility
    from 0, < 0.7.0
  • MEDIUM6.6CVE-2026-35365uutils coreutils has a Link Following issue
    from 0, < 0.7.0
  • MEDIUM6.6CVE-2026-35350uutils coreutils doesn't properly handle setuid and setgid bits when ownership preservation fails
    from 0, <= 0.8.0
  • MEDIUM6.3CVE-2026-35374uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition
    from 0, <= 0.8.0
  • MEDIUM6.3CVE-2026-35364uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition
    from 0, <= 0.8.0
  • MEDIUM6.3CVE-2026-35356uutils coreutils has a Time-of-Check to Time-of-Use (TOCTOU) race condition
    from 0, < 0.7.0
  • MEDIUM6.3CVE-2026-35360uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition
    from 0, <= 0.8.0
  • MEDIUM6.3CVE-2026-35355uutils coreutils has a Time-of-Check to Time-of-Use (TOCTOU) race condition
    from 0, < 0.6.0
  • MEDIUM5.6CVE-2026-35363uutils coreutils has a Path Traversal issue
    from 0, <= 0.8.0
  • MEDIUM5.5CVE-2026-35380uutils coreutils has an Improper Input Validation Issue in its cut Utility
    from 0, < 0.8.0
  • MEDIUM5.5CVE-2026-35369uutils coreutils has an Improper Input Validation issue
    from 0, < 0.6.0
  • MEDIUM5.5CVE-2026-35348uutils coreutils has an Uncaught Exception When Encountering Valid but Non-UTF-8 Paths
    from 0, <= 0.8.0
  • MEDIUM5.5CVE-2026-35340uutils coreutils has an Incorrect Check of Function Return Value
    from 0, < 0.6.0
  • MEDIUM5.5CVE-2026-35339uutils coreutils incorrectly handles exit codes when processing multiple files
    from 0, < 0.6.0
  • MEDIUM5.3CVE-2026-35345uutils coreutils has a Link Following Issue
    from 0, <= 0.8.0
  • MEDIUM5.0CVE-2026-35372uutils coreutils has a UNIX Symbolic Link (Symlink) Following issue
    from 0, < 0.8.0
  • MEDIUM4.7CVE-2026-35357uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition
    from 0, <= 0.8.0
  • MEDIUM4.7CVE-2026-35359uutils coreutils has a Link Following issue
    from 0, <= 0.8.0
  • MEDIUM4.7CVE-2026-35354uutils coreutils has a Time-of-Check to Time-of-Use (TOCTOU) race condition
    from 0, <= 0.8.0
  • MEDIUM4.5CVE-2026-35376uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition
    from 0, <= 0.8.0
  • MEDIUM4.4CVE-2026-35370uutils coreutils has an Incorrect Authorization issue
    from 0, <= 0.8.0
  • MEDIUM4.4CVE-2026-35366uutils coreutils has an Improper Check for Unusual or Exceptional Conditions
    from 0, < 0.6.0
  • MEDIUM4.4CVE-2026-35358uutils coreutils Uses Incorrectly-Resolved Name or Reference
    from 0, < 0.7.0
  • MEDIUM4.4CVE-2026-35347uutils coreutils' comm utility incorrectly consumes data from non-regular file inputs before performing comparison operations
    from 0, < 0.6.0
  • MEDIUM4.2CVE-2026-35351uutils coreutils doesn't preserve file ownership during moves across different filesystem boundaries
    from 0, <= 0.8.0
  • LOW3.6CVE-2026-35362uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition
    from 0, < 0.6.0
  • LOW3.4CVE-2026-35361uutils coreutils has an Improper Preservation of Permissions issue
    from 0, < 0.6.0
  • LOW3.3CVE-2026-35371uutils coreutils's User Interface (UI) Misrepresents Critical Information
    from 0, <= 0.8.0
  • LOW3.3CVE-2026-35373uutils coreutils has an Improper Handling of Unicode Encoding Issue
    from 0, <= 0.8.0
  • LOW3.3CVE-2026-35378uutils coreutils has an Incorrect Short Circuit Evaluation Issue
    from 0, < 0.8.0
  • LOW3.3CVE-2026-35375uutils coreutils has an Improper Handling of Unicode Encoding Issue
    from 0, < 0.8.0
  • LOW3.3CVE-2026-35377uutils coreutils has an Improper Input Validation Issue in its env Utility
    from 0, <= 0.8.0
  • LOW3.3CVE-2026-35379uutils coreutils has an Incorrect Provision of Specified Functionality Issue
    from 0, < 0.8.0
  • LOW3.3CVE-2026-35381uutils coreutils has an Incorrect Provision of Specified Functionality Issue in its cut Utility
    from 0, < 0.8.0
  • LOW3.3CVE-2026-35344uutils coreutils has an Unchecked Return Value Issue
    from 0, <= 0.8.0
  • LOW3.3CVE-2026-35343uutils coreutils has an Issue With its Always-Incorrect Control Flow Implementation
    from 0, < 0.7.0
  • LOW3.3CVE-2026-35346coreutils' comm utility silently corrupts data by performing lossy UTF-8 conversion on all output lines
    from 0, < 0.6.0
  • LOW3.3CVE-2026-35353uutils coreutils has a Time-of-check Time-of-use (TOCTOU) Race Condition
    from 0, < 0.6.0
  • LOW3.3CVE-2026-35367uutils coreutils has an Incorrect Permission Assignment for Critical Resource
    from 0, <= 0.8.0
  • LOW3.3CVE-2026-35342uutils coreutils' mktemp utility doesn't properly handle an empty TMPDIR environment variable
    from 0, < 0.6.0