from InfoWorld
21 hours ago
Serious vulnerability found in Rust library
Researchers at Edera say they have uncovered a critical boundary-parsing bug, dubbed TARmageddon (CVE-2025-62518), in the popular async-tar Rust library. The bug is present not only in this library but also in its many forks, including the widely used tokio-tar. "In the worst-case scenario, this vulnerability has a severity of 8.1 (High) and can lead to Remote Code Execution (RCE) through file overwriting attacks, such as replacing configuration files or hijacking build backends," the researchers say in a report.
Information security