Uutils — Vulnerabilities & Security Advisories 44

Browse all 44 CVE security advisories affecting Uutils. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Uutils provides a comprehensive suite of core Unix utilities, including ls, cat, and grep, implemented in Rust for cross-platform compatibility. This software serves as a critical dependency for many Linux distributions and development environments, aiming to replace traditional GNU coreutils. Historically, the project has faced 44 recorded Common Vulnerabilities and Exposures, predominantly involving buffer overflows, integer overflows, and improper input validation within parsing logic. These flaws frequently lead to remote code execution or denial-of-service conditions, particularly when processing malformed file inputs or command-line arguments. While no major widespread incidents have been publicly documented beyond standard patch cycles, the high volume of CVEs highlights persistent challenges in memory safety despite Rust’s inherent protections. Security audits often reveal edge-case failures in argument parsing and file handling, necessitating rigorous regression testing to maintain system integrity across diverse operating systems.

Top products by Uutils: coreutils
| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2026-35351 | uutils coreutils mv Silent Ownership Loss in Cross-Device Operations | coreutils | CWE-281 | 4.2 | Medium | 2026-04-22 |
| CVE-2026-35350 | uutils coreutils cp Unexpected Privileged Executable Creation with -p | coreutils | CWE-281 | 6.6 | Medium | 2026-04-22 |
| CVE-2026-35349 | uutils coreutils Path-Based Safety Bypass with --preserve-root | coreutils | CWE-59 | 6.7 | Medium | 2026-04-22 |
| CVE-2026-35348 | uutils coreutils sort Local Denial of Service via Forced UTF-8 Parsing | coreutils | CWE-248 | 5.5 | Medium | 2026-04-22 |
| CVE-2026-35347 | uutils coreutils comm Silent Data Loss or Denial of Service via Improper Input Validation | coreutils | CWE-20 | 4.4 | Medium | 2026-04-22 |
| CVE-2026-35346 | uutils coreutils comm Silent Data Corruption via Lossy UTF-8 Normalization | coreutils | CWE-176 | 3.3 | Low | 2026-04-22 |
| CVE-2026-35345 | uutils coreutils tail Privileged Information Disclosure via Symlink Replacement Race | coreutils | CWE-367 | 5.3 | Medium | 2026-04-22 |
| CVE-2026-35344 | uutils coreutils dd Silent Data Corruption via Unconditional Truncation Error Suppression | coreutils | CWE-252 | 3.3 | Low | 2026-04-22 |
| CVE-2026-35343 | uutils coreutils cut Inconsistent Output Suppression with Newline Delimiters | coreutils | CWE-670 | 3.3 | Low | 2026-04-22 |
| CVE-2026-35342 | uutils coreutils mktemp Insecure Temporary File Placement via Empty TMPDIR | coreutils | CWE-377 | 3.3 | Low | 2026-04-22 |
| CVE-2026-35341 | uutils coreutils mkfifo Unauthorized Permission Change on Existing Files | coreutils | CWE-732 | 7.1 | High | 2026-04-22 |
| CVE-2026-35340 | uutils coreutils chown and chgrp False Success Exit Code in Recursive Mode | coreutils | CWE-253 | 5.5 | Medium | 2026-04-22 |
| CVE-2026-35339 | uutils coreutils chmod False Success Exit Code in Recursive Mode | coreutils | CWE-253 | 5.5 | Medium | 2026-04-22 |
| CVE-2026-35338 | uutils coreutils chmod Path Traversal Bypass of --preserve-root | coreutils | CWE-22 | 7.3 | High | 2026-04-22 |

This page lists every published CVE security advisory associated with Uutils. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.