Update aliases from GHSA OSV export (#1693)

2025-12-27 01:54:07 -05:00 · 2023-06-13 15:10:24 +02:00
parent ea9ad160b6
commit 84c633df9c
383 changed files with 388 additions and 304 deletions
--- a/crates/abi_stable/RUSTSEC-2020-0105.md
+++ b/crates/abi_stable/RUSTSEC-2020-0105.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0105"
 package = "abi_stable"
-aliases = ["CVE-2020-36212", "CVE-2020-36213"]
+aliases = ["CVE-2020-36212", "CVE-2020-36213", "GHSA-vq23-5h4f-vwpv", "GHSA-wqxc-qrq4-w5v4"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2020-12-21"
 url = "https://github.com/rodrimati1992/abi_stable_crates/issues/44"
--- a/crates/abomonation/RUSTSEC-2021-0120.md
+++ b/crates/abomonation/RUSTSEC-2021-0120.md
@@ -7,6 +7,7 @@ url = "https://github.com/TimelyDataflow/abomonation/issues/23"
 categories = []
 keywords = []
 informational = "unsound"
+aliases = ["CVE-2021-45708", "GHSA-5vwc-r48g-wj6c", "GHSA-hfxp-p695-629x"]

 [versions]
 patched = []
--- a/crates/abox/RUSTSEC-2020-0121.md
+++ b/crates/abox/RUSTSEC-2020-0121.md
@@ -5,7 +5,7 @@ package = "abox"
 date = "2020-11-10"
 url = "https://github.com/SonicFrog/abox/issues/1"
 categories = ["memory-corruption", "thread-safety"]
-aliases = ["CVE-2020-36441"]
+aliases = ["CVE-2020-36441", "GHSA-r626-fc64-3q28"]
 cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"

 [versions]
--- a/crates/acc_reader/RUSTSEC-2020-0155.md
+++ b/crates/acc_reader/RUSTSEC-2020-0155.md
@@ -6,6 +6,7 @@ date = "2020-12-27"
 url = "https://github.com/netvl/acc_reader/issues/1"
 categories = ["memory-exposure"]
 informational = "unsound"
+aliases = ["CVE-2020-36513", "CVE-2020-36514", "GHSA-799f-r78p-gq9c", "GHSA-hv9v-7w3v-rj6f", "GHSA-p4cr-64x4-f92f"]

 [versions]
 patched = []
--- a/crates/actix-codec/RUSTSEC-2020-0049.md
+++ b/crates/actix-codec/RUSTSEC-2020-0049.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0049"
 package = "actix-codec"
-aliases = ["CVE-2020-35902"]
+aliases = ["CVE-2020-35902", "GHSA-rqgx-hpg4-456r"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 categories = ["memory-corruption"]
 date = "2020-01-30"
--- a/crates/actix-http/RUSTSEC-2020-0048.md
+++ b/crates/actix-http/RUSTSEC-2020-0048.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0048"
 package = "actix-http"
-aliases = ["CVE-2020-35901"]
+aliases = ["CVE-2020-35901", "GHSA-v3j6-xf77-8r9c"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 categories = ["memory-corruption"]
 date = "2020-01-24"
--- a/crates/actix-http/RUSTSEC-2021-0081.md
+++ b/crates/actix-http/RUSTSEC-2021-0081.md
@@ -4,7 +4,7 @@ id = "RUSTSEC-2021-0081"
 package = "actix-http"
 date = "2021-06-16"
 keywords = ["smuggling", "http", "reverse proxy", "request smuggling"]
-aliases = ["CVE-2021-38512"]
+aliases = ["CVE-2021-38512", "GHSA-8928-2fgm-6x9x"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"

 [versions]
--- a/crates/actix-service/RUSTSEC-2020-0046.md
+++ b/crates/actix-service/RUSTSEC-2020-0046.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0046"
 package = "actix-service"
-aliases = ["CVE-2020-35899"]
+aliases = ["CVE-2020-35899", "GHSA-whc7-5p35-4ww2"]
 cvss = "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
 categories = ["memory-corruption"]
 date = "2020-01-08"
--- a/crates/actix-utils/RUSTSEC-2020-0045.md
+++ b/crates/actix-utils/RUSTSEC-2020-0045.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0045"
 package = "actix-utils"
-aliases = ["CVE-2020-35898"]
+aliases = ["CVE-2020-35898", "GHSA-hhw2-pqhf-vmx2"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"
 categories = ["memory-corruption"]
 date = "2020-01-08"
--- a/crates/actix-web/RUSTSEC-2018-0019.md
+++ b/crates/actix-web/RUSTSEC-2018-0019.md
@@ -5,6 +5,7 @@ package = "actix-web"
 categories = ["memory-corruption"]
 date = "2018-06-08"
 url = "https://github.com/actix/actix-web/issues/289"
+aliases = ["CVE-2018-25024", "CVE-2018-25025", "CVE-2018-25026", "GHSA-7x36-h62w-vw65", "GHSA-9qj6-4rfq-vm84", "GHSA-fgfm-hqjw-3265", "GHSA-w65j-g6c7-g3m4"]

 [versions]
 patched = [">= 0.7.15"]
--- a/crates/adtensor/RUSTSEC-2021-0045.md
+++ b/crates/adtensor/RUSTSEC-2021-0045.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2021-0045"
 package = "adtensor"
-aliases = ["CVE-2021-29936"]
+aliases = ["CVE-2021-29936", "GHSA-rg4m-gww5-7p47"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2021-01-11"
 url = "https://github.com/charles-r-earp/adtensor/issues/4"
--- a/crates/alg_ds/RUSTSEC-2020-0033.md
+++ b/crates/alg_ds/RUSTSEC-2020-0033.md
@@ -4,7 +4,7 @@ id = "RUSTSEC-2020-0033"
 package = "alg_ds"
 date = "2020-08-25"
 url = "https://gitlab.com/dvshapkin/alg-ds/-/issues/1"
-aliases = ["CVE-2020-36432"]
+aliases = ["CVE-2020-36432", "GHSA-3vv3-frrq-6486"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"

 [versions]
--- a/crates/algorithmica/RUSTSEC-2021-0053.md
+++ b/crates/algorithmica/RUSTSEC-2021-0053.md
@@ -5,7 +5,7 @@ package = "algorithmica"
 date = "2021-03-07"
 url = "https://github.com/AbrarNitk/algorithmica/issues/1"
 categories = ["memory-corruption"]
-aliases = ["CVE-2021-31996"]
+aliases = ["CVE-2021-31996", "GHSA-jh37-772x-4hpw"]

 [versions]
 patched = []
--- a/crates/alpm-rs/RUSTSEC-2020-0032.md
+++ b/crates/alpm-rs/RUSTSEC-2020-0032.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0032"
 package = "alpm-rs"
-aliases = ["CVE-2020-35885"]
+aliases = ["CVE-2020-35885", "GHSA-qc4m-gc8r-mg8m"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2020-08-20"
 informational = "unsound"
--- a/crates/ammonia/RUSTSEC-2019-0001.md
+++ b/crates/ammonia/RUSTSEC-2019-0001.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2019-0001"
 package = "ammonia"
-aliases = ["CVE-2019-15542"]
+aliases = ["CVE-2019-15542", "GHSA-5hp8-35wj-m525"]
 cvss = "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2019-04-27"
 keywords = ["stack-overflow", "crash"]
--- a/crates/ammonia/RUSTSEC-2021-0074.md
+++ b/crates/ammonia/RUSTSEC-2021-0074.md
@@ -6,7 +6,7 @@ date = "2021-07-08"
 url = "https://github.com/rust-ammonia/ammonia/pull/142"
 categories = ["format-injection"]
 keywords = ["html", "xss"]
-aliases = ["CVE-2021-38193"]
+aliases = ["CVE-2021-38193", "GHSA-5325-xw5m-phm3"]

 [versions]
 patched = [">= 3.1.0", ">= 2.1.3, < 3.0.0"]
--- a/crates/ammonia/RUSTSEC-2022-0003.md
+++ b/crates/ammonia/RUSTSEC-2022-0003.md
@@ -6,6 +6,7 @@ date = "2022-01-19"
 url = "https://github.com/rust-ammonia/ammonia/pull/147"
 categories = ["format-injection"]
 keywords = ["html", "xss"]
+aliases = ["GHSA-p2g9-94wh-65c2"]

 [affected]
 functions = { "ammonia::clean_text" = ["<= 3.1.2"] }
--- a/crates/anymap/RUSTSEC-2021-0065.md
+++ b/crates/anymap/RUSTSEC-2021-0065.md
@@ -5,7 +5,7 @@ package = "anymap"
 date = "2021-05-07"
 informational = "unmaintained"
 url = "https://github.com/chris-morgan/anymap/issues/37"
-aliases = ["CVE-2021-38187"]
+aliases = ["CVE-2021-38187", "GHSA-hc92-9h3m-c39j"]

 [versions]
 patched = []
--- a/crates/aovec/RUSTSEC-2020-0099.md
+++ b/crates/aovec/RUSTSEC-2020-0099.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0099"
 package = "aovec"
-aliases = ["CVE-2020-36207"]
+aliases = ["CVE-2020-36207", "GHSA-g489-xrw3-3v8w"]
 cvss = "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
 date = "2020-12-10"
 categories = ["memory-corruption", "thread-safety"]
--- a/crates/appendix/RUSTSEC-2020-0149.md
+++ b/crates/appendix/RUSTSEC-2020-0149.md
@@ -5,7 +5,7 @@ package = "appendix"
 date = "2020-11-15"
 url = "https://github.com/krl/appendix/issues/6"
 categories = ["memory-corruption", "thread-safety"]
-aliases = ["CVE-2020-36469"]
+aliases = ["CVE-2020-36469", "GHSA-fvhr-7j8m-3cvc"]
 cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"

 [versions]
--- a/crates/arc-swap/RUSTSEC-2020-0091.md
+++ b/crates/arc-swap/RUSTSEC-2020-0091.md
@@ -6,7 +6,7 @@ date = "2020-12-10"
 url = "https://github.com/vorner/arc-swap/issues/45"
 categories = ["memory-corruption"]
 keywords = ["dangling reference"]
-aliases = ["CVE-2020-35711"]
+aliases = ["CVE-2020-35711", "GHSA-9pqx-g3jh-qpqq"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"

 [versions]
--- a/crates/arenavec/RUSTSEC-2021-0040.md
+++ b/crates/arenavec/RUSTSEC-2021-0040.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2021-0040"
 package = "arenavec"
-aliases = ["CVE-2021-29930", "CVE-2021-29931"]
+aliases = ["CVE-2021-29930", "CVE-2021-29931", "GHSA-327x-39hh-65wf", "GHSA-955p-rc5h-hg6h"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2021-01-12"
 url = "https://github.com/ibabushkin/arenavec/issues/1"
--- a/crates/ark-r1cs-std/RUSTSEC-2021-0075.md
+++ b/crates/ark-r1cs-std/RUSTSEC-2021-0075.md
@@ -6,7 +6,7 @@ date = "2021-07-08"
 categories = ["crypto-failure"]
 keywords = ["r1cs", "zksnark", "arkworks"]
 url = "https://github.com/arkworks-rs/r1cs-std/pull/70"
-aliases = ["CVE-2021-38194"]
+aliases = ["CVE-2021-38194", "GHSA-qj3v-q2vj-4c8h"]

 [versions]
 patched = [">= 0.3.1"]
--- a/crates/arr/RUSTSEC-2020-0034.md
+++ b/crates/arr/RUSTSEC-2020-0034.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0034"
 package = "arr"
-aliases = ["CVE-2020-35886", "CVE-2020-35887", "CVE-2020-35888"]
+aliases = ["CVE-2020-35886", "CVE-2020-35887", "CVE-2020-35888", "GHSA-36xw-hgfv-jwm7", "GHSA-c7fw-cr3w-wvfc", "GHSA-fhvj-7f9p-w788"]
 date = "2020-08-25"
 url = "https://github.com/sjep/array/issues/1"
 categories = ["memory-corruption", "thread-safety"]
--- a/crates/array-macro/RUSTSEC-2020-0161.md
+++ b/crates/array-macro/RUSTSEC-2020-0161.md
@@ -6,6 +6,7 @@ date = "2020-05-07"
 url = "https://gitlab.com/KonradBorowski/array-macro/-/commit/01940637dd8f3bfeeee3faf9639fa9ae52f19f4d"
 categories = ["memory-corruption"]
 informational = "unsound"
+aliases = ["GHSA-83gg-pwxf-jr89"]

 [versions]
 patched = [">= 1.0.5"]
--- a/crates/array-macro/RUSTSEC-2022-0017.md
+++ b/crates/array-macro/RUSTSEC-2022-0017.md
@@ -6,6 +6,7 @@ date = "2022-04-27"
 url = "https://gitlab.com/KonradBorowski/array-macro/-/issues/5"
 categories = ["code-execution", "memory-corruption", "memory-exposure"]
 informational = "unsound"
+aliases = ["GHSA-7v4j-8wvr-v55r"]

 [versions]
 patched = [">= 2.1.2"]
--- a/crates/array-queue/RUSTSEC-2020-0047.md
+++ b/crates/array-queue/RUSTSEC-2020-0047.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0047"
 package = "array-queue"
-aliases = ["CVE-2020-35900"]
+aliases = ["CVE-2020-35900", "GHSA-75cq-g75g-rxff"]
 cvss = "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
 date = "2020-09-26"
 keywords = ["memory-corruption", "uninitialized-memory", "use-after-free"]
--- a/crates/array-tools/RUSTSEC-2020-0132.md
+++ b/crates/array-tools/RUSTSEC-2020-0132.md
@@ -5,7 +5,7 @@ package = "array-tools"
 date = "2020-12-31"
 url = "https://github.com/L117/array-tools/issues/2"
 categories = ["memory-corruption"]
-aliases = ["CVE-2020-36452"]
+aliases = ["CVE-2020-36452", "GHSA-6wp2-fw3v-mfmc"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"

 [versions]
--- a/crates/arrayfire/RUSTSEC-2018-0011.md
+++ b/crates/arrayfire/RUSTSEC-2018-0011.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2018-0011"
 package = "arrayfire"
-aliases = ["CVE-2018-20998"]
+aliases = ["CVE-2018-20998", "GHSA-69fv-gw6g-8ccg"]
 cvss = "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 categories = ["memory-corruption"]
 date = "2018-12-18"
--- a/crates/arrow/RUSTSEC-2021-0116.md
+++ b/crates/arrow/RUSTSEC-2021-0116.md
@@ -6,6 +6,7 @@ date = "2021-09-14"
 references = ["https://github.com/apache/arrow-rs/issues/772", "https://github.com/apache/arrow-rs/issues/773"]
 categories = ["memory-exposure"]
 keywords = ["buffer-overflow"]
+aliases = ["GHSA-r7cj-wmwv-hfw5"]

 [versions]
 patched = [">= 6.4.0"]
--- a/crates/arrow/RUSTSEC-2021-0117.md
+++ b/crates/arrow/RUSTSEC-2021-0117.md
@@ -6,6 +6,7 @@ date = "2021-09-14"
 url = "https://github.com/apache/arrow-rs/issues/775"
 categories = ["memory-exposure"]
 keywords = ["buffer-overflow"]
+aliases = ["GHSA-h588-76vg-prgj"]

 [versions]
 patched = [">= 6.4.0"]
--- a/crates/arrow/RUSTSEC-2021-0118.md
+++ b/crates/arrow/RUSTSEC-2021-0118.md
@@ -6,6 +6,7 @@ date = "2021-09-14"
 url = "https://github.com/apache/arrow-rs/issues/774"
 categories = ["memory-exposure"]
 keywords = ["buffer-overflow"]
+aliases = ["GHSA-qgrp-8f3v-q85p"]

 [versions]
 patched = [">= 6.4.0"]
--- a/crates/arrow2/RUSTSEC-2022-0012.md
+++ b/crates/arrow2/RUSTSEC-2022-0012.md
@@ -5,6 +5,7 @@ package = "arrow2"
 date = "2022-03-04"
 url = "https://github.com/jorgecarleitao/arrow2/issues/880"
 categories = ["memory-corruption"]
+aliases = ["GHSA-5j8w-r7g8-5472"]

 [versions]
 patched = [">= 0.7.1, < 0.8", ">= 0.8.2, < 0.9", ">= 0.9.2, < 0.10", ">= 0.10.0"]
--- a/crates/ascii/RUSTSEC-2023-0015.md
+++ b/crates/ascii/RUSTSEC-2023-0015.md
@@ -7,6 +7,7 @@ url = "https://github.com/tomprogrammer/rust-ascii/issues/64"
 informational = "unsound"
 categories = ["memory-corruption"]
 keywords = ["ascii"]
+aliases = ["GHSA-mrrw-grhq-86gf"]
 [versions]
 patched = [">= 0.9.3"]
 unaffected = ["<= 0.6.0"]
--- a/crates/ash/RUSTSEC-2021-0090.md
+++ b/crates/ash/RUSTSEC-2021-0090.md
@@ -6,6 +6,7 @@ date = "2021-01-07"
 url = "https://github.com/MaikKlein/ash/issues/354"
 categories = ["memory-exposure"]
 informational = "unsound"
+aliases = ["CVE-2021-45688", "GHSA-64wv-8vwp-xgw2", "GHSA-qj69-c89v-jwq2"]

 [versions]
 patched = [">= 0.33.1"]
--- a/crates/asn1_der/RUSTSEC-2019-0007.md
+++ b/crates/asn1_der/RUSTSEC-2019-0007.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2019-0007"
 package = "asn1_der"
-aliases = ["CVE-2019-15549"]
+aliases = ["CVE-2019-15549", "GHSA-v5r6-6r3c-wqxc"]
 cvss = "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2019-06-13"
 keywords = ["dos"]
--- a/crates/async-coap/RUSTSEC-2020-0124.md
+++ b/crates/async-coap/RUSTSEC-2020-0124.md
@@ -5,7 +5,7 @@ package = "async-coap"
 date = "2020-12-08"
 url = "https://github.com/google/rust-async-coap/issues/33"
 categories = ["memory-corruption", "thread-safety"]
-aliases = ["CVE-2020-36444"]
+aliases = ["CVE-2020-36444", "GHSA-9j8q-m9x5-9g6j"]
 cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"

 [versions]
--- a/crates/async-h1/RUSTSEC-2020-0093.md
+++ b/crates/async-h1/RUSTSEC-2020-0093.md
@@ -6,7 +6,7 @@ date = "2020-12-17"
 url = "https://github.com/http-rs/async-h1/releases/tag/v2.3.0"
 categories = []
 keywords = ["smuggling", "http", "reverse proxy", "request smuggling"]
-aliases = ["CVE-2020-26281", "CVE-2020-36202", "GHSA-4vr9-8cjf-vf9c"]
+aliases = ["CVE-2020-26281", "CVE-2020-36202", "GHSA-4vr9-8cjf-vf9c", "GHSA-c8rq-crxj-mj9m"]

 [versions]
 patched = [">= 2.3.0"]
--- a/crates/async-nats/RUSTSEC-2023-0027.md
+++ b/crates/async-nats/RUSTSEC-2023-0027.md
@@ -6,6 +6,7 @@ date = "2023-03-24"
 url = "https://github.com/nats-io/nats.rs/commit/817a7b942c462fa9d9938dcb62124173634132fb#diff-767d442397fcaaf2f83e8f924d4a70317a2ce4703a49964d6007707949cfa5f5L303-R304"
 categories = ["crypto-failure"]
 keywords = ["tls", "mitm"]
+aliases = ["GHSA-f5v5-ccqc-6w36"]

 [versions]
 patched = [">= 0.29.0"]
--- a/crates/atom/RUSTSEC-2020-0044.md
+++ b/crates/atom/RUSTSEC-2020-0044.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0044"
 package = "atom"
-aliases = ["CVE-2020-35897"]
+aliases = ["CVE-2020-35897", "GHSA-9cg2-2j2h-59v9"]
 cvss = "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
 date = "2020-09-21"
 informational = "unsound"
--- a/crates/atomic-option/RUSTSEC-2020-0113.md
+++ b/crates/atomic-option/RUSTSEC-2020-0113.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0113"
 package = "atomic-option"
-aliases = ["CVE-2020-36219"]
+aliases = ["CVE-2020-36219", "GHSA-8gf5-q9p9-wvmc"]
 cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2020-10-31"
 url = "https://github.com/reem/rust-atomic-option/issues/4"
--- a/crates/autorand/RUSTSEC-2020-0103.md
+++ b/crates/autorand/RUSTSEC-2020-0103.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0103"
 package = "autorand"
-aliases = ["CVE-2020-36210"]
+aliases = ["CVE-2020-36210", "GHSA-cgmg-2v6m-fjg7"]
 cvss = "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
 date = "2020-12-31"
 url = "https://github.com/mersinvald/autorand-rs/issues/5"
--- a/crates/av-data/RUSTSEC-2021-0007.md
+++ b/crates/av-data/RUSTSEC-2021-0007.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2021-0007"
 package = "av-data"
-aliases = ["CVE-2021-25904"]
+aliases = ["CVE-2021-25904", "GHSA-352p-rhvq-7g78"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2021-01-07"
 url = "https://github.com/rust-av/rust-av/issues/136"
--- a/crates/axum-core/RUSTSEC-2022-0055.md
+++ b/crates/axum-core/RUSTSEC-2022-0055.md
@@ -6,6 +6,7 @@ date = "2022-08-31"
 url = "https://github.com/tokio-rs/axum/pull/1346"
 categories = ["denial-of-service"]
 keywords = ["ddos", "oom"]
+aliases = ["CVE-2022-3212", "GHSA-m77f-652q-wwp4"]

 [versions]
 patched = [">= 0.2.8, < 0.3.0-rc.1", ">= 0.3.0-rc.2"]
--- a/crates/bam/RUSTSEC-2021-0027.md
+++ b/crates/bam/RUSTSEC-2021-0027.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2021-0027"
 package = "bam"
-aliases = ["CVE-2021-28027"]
+aliases = ["CVE-2021-28027", "GHSA-cpqj-r29q-chrh"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2021-01-07"
 url = "https://gitlab.com/tprodanov/bam/-/issues/4"
--- a/crates/base64/RUSTSEC-2017-0004.md
+++ b/crates/base64/RUSTSEC-2017-0004.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2017-0004"
 package = "base64"
-aliases = ["CVE-2017-1000430"]
+aliases = ["CVE-2017-1000430", "GHSA-x67x-vg9m-65c3"]
 cvss = "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2017-05-03"
 keywords = ["memory-corruption"]
--- a/crates/basic_dsp_matrix/RUSTSEC-2021-0009.md
+++ b/crates/basic_dsp_matrix/RUSTSEC-2021-0009.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2021-0009"
 package = "basic_dsp_matrix"
-aliases = ["CVE-2021-25906"]
+aliases = ["CVE-2021-25906", "GHSA-fjr6-hm39-4cf9"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2021-01-10"
 url = "https://github.com/liebharc/basic_dsp/issues/47"
--- a/crates/beef/RUSTSEC-2020-0122.md
+++ b/crates/beef/RUSTSEC-2020-0122.md
@@ -5,7 +5,7 @@ package = "beef"
 date = "2020-10-28"
 url = "https://github.com/maciejhirsz/beef/issues/37"
 categories = ["memory-corruption", "thread-safety"]
-aliases = ["CVE-2020-36442"]
+aliases = ["CVE-2020-36442", "GHSA-m7w4-8wp8-m2xq"]
 cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"

 [versions]
--- a/crates/better-macro/RUSTSEC-2021-0077.md
+++ b/crates/better-macro/RUSTSEC-2021-0077.md
@@ -6,7 +6,7 @@ date = "2021-07-22"
 url = "https://github.com/raycar5/better-macro/blob/24ff1702397b9c19bbfa4c660e2316cd77d3b900/src/lib.rs#L36-L38"
 categories = ["code-execution"]
 keywords = ["rce", "proc-macro"]
-aliases = ["CVE-2021-38196"]
+aliases = ["CVE-2021-38196", "GHSA-79wf-qcqv-r22r"]

 [affected]
 functions = { "better_macro::println" = ["> 1.0.0"] }
--- a/crates/bigint/RUSTSEC-2020-0025.md
+++ b/crates/bigint/RUSTSEC-2020-0025.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0025"
 package = "bigint"
-aliases = ["CVE-2020-35880"]
+aliases = ["CVE-2020-35880", "GHSA-wgx2-6432-j3fw"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2020-05-07"
 informational = "unmaintained"
--- a/crates/binjs_io/RUSTSEC-2021-0085.md
+++ b/crates/binjs_io/RUSTSEC-2021-0085.md
@@ -6,6 +6,7 @@ date = "2021-01-03"
 url = "https://github.com/binast/binjs-ref/issues/460"
 categories = ["memory-exposure"]
 informational = "unsound"
+aliases = ["CVE-2021-45683", "GHSA-c6px-4grw-hrjr", "GHSA-cw4j-cf6c-mmfv"]

 [versions]
 patched = []
--- a/crates/bite/RUSTSEC-2020-0153.md
+++ b/crates/bite/RUSTSEC-2020-0153.md
@@ -6,6 +6,7 @@ date = "2020-12-31"
 url = "https://github.com/hinaria/bite/issues/1"
 categories = ["memory-exposure"]
 informational = "unsound"
+aliases = ["CVE-2020-36511", "GHSA-72r2-rg28-47v9", "GHSA-v2ch-fc8f-qm33"]

 [versions]
 patched = []
--- a/crates/bitvec/RUSTSEC-2020-0007.md
+++ b/crates/bitvec/RUSTSEC-2020-0007.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0007"
 package = "bitvec"
-aliases = ["CVE-2020-35862"]
+aliases = ["CVE-2020-35862", "GHSA-7cjc-hvxf-gqh7"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 categories = ["memory-corruption"]
 date = "2020-03-27"
--- a/crates/blake2/RUSTSEC-2019-0019.md
+++ b/crates/blake2/RUSTSEC-2019-0019.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2019-0019"
 package = "blake2"
-aliases = ["CVE-2019-16143"]
+aliases = ["CVE-2019-16143", "GHSA-4x25-pvhw-5224"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 categories = ["crypto-failure"]
 date = "2019-08-25"
--- a/crates/borsh/RUSTSEC-2023-0033.md
+++ b/crates/borsh/RUSTSEC-2023-0033.md
@@ -7,6 +7,7 @@ url = "https://github.com/near/borsh-rs/issues/19"
 references = ["https://github.com/near/borsh-rs/pull/136"]
 informational = "unsound"
 categories = ["memory-corruption"]
+aliases = ["GHSA-fjx5-qpf4-xjf2"]

 [affected]
 [versions]
--- a/crates/bra/RUSTSEC-2021-0008.md
+++ b/crates/bra/RUSTSEC-2021-0008.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2021-0008"
 package = "bra"
-aliases = ["CVE-2021-25905"]
+aliases = ["CVE-2021-25905", "GHSA-j8qq-58cr-8cc7"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"
 date = "2021-01-02"
 url = "https://github.com/Enet4/bra-rs/issues/1"
--- a/crates/branca/RUSTSEC-2020-0075.md
+++ b/crates/branca/RUSTSEC-2020-0075.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0075"
 package = "branca"
-aliases = ["CVE-2020-35918"]
+aliases = ["CVE-2020-35918", "GHSA-c9rv-3jmq-527w"]
 cvss = "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
 date = "2020-11-29"
 url = "https://github.com/return/branca/issues/24"
--- a/crates/bronzedb-protocol/RUSTSEC-2021-0084.md
+++ b/crates/bronzedb-protocol/RUSTSEC-2021-0084.md
@@ -6,6 +6,7 @@ date = "2021-01-03"
 url = "https://github.com/Hexilee/BronzeDB/issues/1"
 categories = ["memory-exposure"]
 informational = "unsound"
+aliases = ["CVE-2021-45682", "GHSA-5phc-849h-vcxg", "GHSA-jv2r-jx6q-89jg"]

 [versions]
 patched = []
--- a/crates/buffered-reader/RUSTSEC-2023-0039.md
+++ b/crates/buffered-reader/RUSTSEC-2023-0039.md
@@ -9,6 +9,7 @@ categories = ["denial-of-service"]
 # Attacker-controlled input can result in a panic due to an
 # out-of-bounds array index.
 keywords = ["panic"]
+aliases = ["GHSA-29mf-62xx-28jq"]

 [versions]
 patched = [">= 1.0.2, < 1.1.0", ">= 1.1.5, < 1.2.0", ">= 1.2.0"]
--- a/crates/buffoon/RUSTSEC-2020-0154.md
+++ b/crates/buffoon/RUSTSEC-2020-0154.md
@@ -6,6 +6,7 @@ date = "2020-12-31"
 url = "https://github.com/carllerche/buffoon/issues/2"
 categories = ["memory-exposure"]
 informational = "unsound"
+aliases = ["CVE-2020-36512", "GHSA-hmx9-jm3v-33hv", "GHSA-v938-qcc9-rwv8"]

 [versions]
 patched = []
--- a/crates/bumpalo/RUSTSEC-2020-0006.md
+++ b/crates/bumpalo/RUSTSEC-2020-0006.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0006"
 package = "bumpalo"
-aliases = ["CVE-2020-35861"]
+aliases = ["CVE-2020-35861", "GHSA-vqx7-pw4r-29rr"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
 categories = ["memory-exposure"]
 date = "2020-03-24"
--- a/crates/bumpalo/RUSTSEC-2022-0078.md
+++ b/crates/bumpalo/RUSTSEC-2022-0078.md
@@ -7,6 +7,7 @@ url = "https://github.com/fitzgen/bumpalo/blob/main/CHANGELOG.md#3111"
 categories = ["memory-corruption", "memory-exposure"]
 keywords = ["use-after-free"]
 informational = "unsound"
+aliases = ["GHSA-f85w-wvc7-crwc"]

 [versions]
 patched = [">= 3.11.1"]
--- a/crates/bunch/RUSTSEC-2020-0130.md
+++ b/crates/bunch/RUSTSEC-2020-0130.md
@@ -5,7 +5,7 @@ package = "bunch"
 date = "2020-11-12"
 url = "https://github.com/krl/bunch/issues/1"
 categories = ["memory-corruption", "thread-safety"]
-aliases = ["CVE-2020-36450"]
+aliases = ["CVE-2020-36450", "GHSA-jwph-qp5h-f9wj"]
 cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"

 [versions]
--- a/crates/buttplug/RUSTSEC-2020-0112.md
+++ b/crates/buttplug/RUSTSEC-2020-0112.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0112"
 package = "buttplug"
-aliases = ["CVE-2020-36218"]
+aliases = ["CVE-2020-36218", "GHSA-r7rv-2rph-hvhj"]
 cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2020-12-18"
 url = "https://github.com/buttplugio/buttplug-rs/issues/225"
--- a/crates/byte_struct/RUSTSEC-2021-0032.md
+++ b/crates/byte_struct/RUSTSEC-2021-0032.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2021-0032"
 package = "byte_struct"
-aliases = ["CVE-2021-28033"]
+aliases = ["CVE-2021-28033", "GHSA-8fgg-5v78-6g76"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2021-03-01"
 url = "https://github.com/wwylele/byte-struct-rs/issues/1"
--- a/crates/cache/RUSTSEC-2020-0128.md
+++ b/crates/cache/RUSTSEC-2020-0128.md
@@ -5,7 +5,7 @@ package = "cache"
 date = "2020-11-24"
 url = "https://github.com/krl/cache/issues/1"
 categories = ["memory-corruption", "thread-safety"]
-aliases = ["CVE-2020-36448"]
+aliases = ["CVE-2020-36448", "GHSA-g78p-g85h-q6ww"]
 cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"

 [versions]
--- a/crates/cache/RUSTSEC-2021-0006.md
+++ b/crates/cache/RUSTSEC-2021-0006.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2021-0006"
 package = "cache"
-aliases = ["CVE-2021-25903"]
+aliases = ["CVE-2021-25903", "GHSA-gh87-6jr3-8q47"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2021-01-01"
 url = "https://github.com/krl/cache/issues/2"
--- a/crates/calamine/RUSTSEC-2021-0015.md
+++ b/crates/calamine/RUSTSEC-2021-0015.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2021-0015"
 package = "calamine"
-aliases = ["CVE-2021-26951"]
+aliases = ["CVE-2021-26951", "GHSA-ppqp-78xx-3r38"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2021-01-06"
 url = "https://github.com/tafia/calamine/issues/199"
--- a/crates/cbox/RUSTSEC-2020-0005.md
+++ b/crates/cbox/RUSTSEC-2020-0005.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0005"
 package = "cbox"
-aliases = ["CVE-2020-35860"]
+aliases = ["CVE-2020-35860", "GHSA-3vjm-36rr-7qrq"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 categories = ["memory-corruption"]
 date = "2020-03-19"
--- a/crates/cdr/RUSTSEC-2021-0012.md
+++ b/crates/cdr/RUSTSEC-2021-0012.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2021-0012"
 package = "cdr"
-aliases = ["CVE-2021-26305"]
+aliases = ["CVE-2021-26305", "GHSA-37jj-wp7g-7wj4"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2021-01-02"
 url = "https://github.com/hrektts/cdr-rs/issues/10"
--- a/crates/cell-project/RUSTSEC-2020-0164.md
+++ b/crates/cell-project/RUSTSEC-2020-0164.md
@@ -8,6 +8,7 @@ categories = ["memory-corruption"]
 keywords = ["cell", "subtype", "variance"]
 informational = "unsound"
 references = ["https://github.com/RustyYato/cell-project/issues/3", "https://github.com/RustyYato/cell-project/issues/4"]
+aliases = ["GHSA-p75v-367r-2v23"]

 [versions]
 patched = [">= 0.1.4"]
--- a/crates/cgc/RUSTSEC-2020-0148.md
+++ b/crates/cgc/RUSTSEC-2020-0148.md
@@ -6,7 +6,7 @@ date = "2020-12-10"
 url = "https://github.com/playXE/cgc/issues/5"
 categories = ["memory-corruption"]
 keywords = ["memory-safety", "aliasing", "concurrency"]
-aliases = ["CVE-2020-36466", "CVE-2020-36467", "CVE-2020-36468"]
+aliases = ["CVE-2020-36466", "CVE-2020-36467", "CVE-2020-36468", "GHSA-f3mq-99jr-ww4r", "GHSA-f9xr-3m55-5q2v", "GHSA-pwhf-7427-9vv2"]
 cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"

 [versions]
--- a/crates/chacha20/RUSTSEC-2019-0029.md
+++ b/crates/chacha20/RUSTSEC-2019-0029.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2019-0029"
 package = "chacha20"
-aliases = ["CVE-2019-25005"]
+aliases = ["CVE-2019-25005", "GHSA-j2r6-2m5c-vgh5"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
 categories = ["crypto-failure"]
 date = "2019-10-22"
--- a/crates/chttp/RUSTSEC-2019-0016.md
+++ b/crates/chttp/RUSTSEC-2019-0016.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2019-0016"
 package = "chttp"
-aliases = ["CVE-2019-16140"]
+aliases = ["CVE-2019-16140", "GHSA-5rrv-m36h-qwf8"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2019-09-01"
 keywords = ["memory-management", "memory-corruption"]
--- a/crates/chunky/RUSTSEC-2020-0035.md
+++ b/crates/chunky/RUSTSEC-2020-0035.md
@@ -5,7 +5,7 @@ package = "chunky"
 date = "2020-08-25"
 informational = "unsound"
 url = "https://github.com/aeplay/chunky/issues/2"
-aliases = ["CVE-2020-36433"]
+aliases = ["CVE-2020-36433", "GHSA-qg24-8xj4-gj2h"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"

 [versions]
--- a/crates/ckb/RUSTSEC-2021-0107.md
+++ b/crates/ckb/RUSTSEC-2021-0107.md
@@ -4,7 +4,7 @@ id = "RUSTSEC-2021-0107"
 package = "ckb"
 date = "2021-07-25"
 url = "https://github.com/nervosnetwork/ckb/security/advisories/GHSA-v666-6w97-pcwm"
-aliases = ["GHSA-v666-6w97-pcwm"]
+aliases = ["CVE-2021-45698", "GHSA-8gjm-h3xj-mp6w", "GHSA-v666-6w97-pcwm"]
 [versions]
 patched = [">= 0.40.0"]
 ```
--- a/crates/ckb/RUSTSEC-2021-0108.md
+++ b/crates/ckb/RUSTSEC-2021-0108.md
@@ -4,7 +4,7 @@ id = "RUSTSEC-2021-0108"
 package = "ckb"
 date = "2021-07-25"
 url = "https://github.com/nervosnetwork/ckb/security/advisories/GHSA-48vq-8jqv-gm6f"
-aliases = ["GHSA-48vq-8jqv-gm6f"]
+aliases = ["CVE-2021-45699", "GHSA-2969-8hh9-57jc", "GHSA-48vq-8jqv-gm6f"]
 [versions]
 patched = [">= 0.40.0"]
 ```
--- a/crates/ckb/RUSTSEC-2021-0109.md
+++ b/crates/ckb/RUSTSEC-2021-0109.md
@@ -4,7 +4,7 @@ id = "RUSTSEC-2021-0109"
 package = "ckb"
 date = "2021-07-25"
 url = "https://github.com/nervosnetwork/ckb/security/advisories/GHSA-45p7-c959-rgcm"
-aliases = ["GHSA-45p7-c959-rgcm"]
+aliases = ["CVE-2021-45700", "GHSA-45p7-c959-rgcm", "GHSA-cw98-cx2m-9qqg"]
 [versions]
 patched = [">= 0.40.0"]
 ```
--- a/crates/claxon/RUSTSEC-2018-0004.md
+++ b/crates/claxon/RUSTSEC-2018-0004.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2018-0004"
 package = "claxon"
-aliases = ["CVE-2018-20992"]
+aliases = ["CVE-2018-20992", "GHSA-8c6g-4xc5-w96c"]
 cvss = "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"
 date = "2018-08-25"
 keywords = ["uninitialized-memory"]
--- a/crates/columnar/RUSTSEC-2021-0087.md
+++ b/crates/columnar/RUSTSEC-2021-0087.md
@@ -6,6 +6,7 @@ date = "2021-01-07"
 url = "https://github.com/frankmcsherry/columnar/issues/6"
 categories = ["memory-exposure"]
 informational = "unsound"
+aliases = ["CVE-2021-45685", "GHSA-9mp7-45qh-r8j8", "GHSA-cxcc-q839-2cw9"]

 [versions]
 patched = []
--- a/crates/compact_arena/RUSTSEC-2019-0015.md
+++ b/crates/compact_arena/RUSTSEC-2019-0015.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2019-0015"
 package = "compact_arena"
-aliases = ["CVE-2019-16139"]
+aliases = ["CVE-2019-16139", "GHSA-7j36-gc4r-9x3r"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 categories = ["memory-corruption"]
 date = "2019-05-21"
--- a/crates/compu-brotli-sys/RUSTSEC-2021-0132.md
+++ b/crates/compu-brotli-sys/RUSTSEC-2021-0132.md
@@ -6,13 +6,14 @@ date = "2021-12-20"
 url = "https://github.com/google/brotli/releases/tag/v1.0.9"
 categories = ["memory-corruption"]
 keywords = ["integer-overflow"]
-aliases = ["CVE-2020-8927"]
+aliases = ["CVE-2020-8927", "GHSA-5v8v-66v8-mwm7"]

 [affected]

 [versions]
 patched = [">= 1.0.9"]
 ```
+
 # Integer overflow in the bundled Brotli C library

 A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB.
--- a/crates/comrak/RUSTSEC-2021-0026.md
+++ b/crates/comrak/RUSTSEC-2021-0026.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2021-0026"
 package = "comrak"
-aliases = ["CVE-2021-27671"]
+aliases = ["CVE-2021-27671", "GHSA-xmr7-v725-2jjr"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
 date = "2021-02-21"
 url = "https://github.com/kivikakk/comrak/releases/tag/0.9.1"
--- a/crates/comrak/RUSTSEC-2021-0063.md
+++ b/crates/comrak/RUSTSEC-2021-0063.md
@@ -6,7 +6,7 @@ date = "2021-05-04"
 url = "https://github.com/kivikakk/comrak/releases/tag/0.10.1"
 categories = ["format-injection"]
 keywords = ["xss"]
-aliases = ["CVE-2021-38186"]
+aliases = ["CVE-2021-38186", "GHSA-6wj2-g87r-pm62"]

 [versions]
 patched = [">= 0.10.1"]
--- a/crates/concread/RUSTSEC-2020-0092.md
+++ b/crates/concread/RUSTSEC-2020-0092.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0092"
 package = "concread"
-aliases = ["CVE-2020-35928"]
+aliases = ["CVE-2020-35928", "GHSA-4xj5-vv9x-63jp"]
 cvss = "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
 date = "2020-11-13"
 url = "https://github.com/kanidm/concread/issues/48"
--- a/crates/conquer-once/RUSTSEC-2020-0101.md
+++ b/crates/conquer-once/RUSTSEC-2020-0101.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0101"
 package = "conquer-once"
-aliases = ["CVE-2020-36208"]
+aliases = ["CVE-2020-36208", "GHSA-3jc5-5hc5-33gj"]
 cvss = "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
 date = "2020-12-22"
 url = "https://github.com/oliver-giersch/conquer-once/issues/3"
--- a/crates/conqueue/RUSTSEC-2020-0117.md
+++ b/crates/conqueue/RUSTSEC-2020-0117.md
@@ -5,7 +5,7 @@ package = "conqueue"
 date = "2020-11-24"
 url = "https://github.com/longshorej/conqueue/issues/9"
 categories = ["memory-corruption", "thread-safety"]
-aliases = ["CVE-2020-36437"]
+aliases = ["CVE-2020-36437", "GHSA-368f-29c3-4f2r"]
 cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"

 [versions]
--- a/crates/containers/RUSTSEC-2021-0010.md
+++ b/crates/containers/RUSTSEC-2021-0010.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2021-0010"
 package = "containers"
-aliases = ["CVE-2021-25907"]
+aliases = ["CVE-2021-25907", "GHSA-cv7x-6rc6-pq5v"]
 cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2021-01-12"
 url = "https://github.com/strake/containers.rs/issues/2"
--- a/crates/convec/RUSTSEC-2020-0125.md
+++ b/crates/convec/RUSTSEC-2020-0125.md
@@ -5,7 +5,7 @@ package = "convec"
 date = "2020-11-24"
 url = "https://github.com/krl/convec/issues/2"
 categories = ["memory-corruption", "thread-safety"]
-aliases = ["CVE-2020-36445"]
+aliases = ["CVE-2020-36445", "GHSA-rpxm-vmr7-5f5f"]
 cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"

 [versions]
--- a/crates/cookie/RUSTSEC-2017-0005.md
+++ b/crates/cookie/RUSTSEC-2017-0005.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2017-0005"
 package = "cookie"
-aliases = ["CVE-2017-18589"]
+aliases = ["CVE-2017-18589", "GHSA-vjrq-cg9x-rfjp"]
 cvss = "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2017-05-06"
 keywords = ["crash"]
--- a/crates/cortex-m-rt/RUSTSEC-2023-0014.md
+++ b/crates/cortex-m-rt/RUSTSEC-2023-0014.md
@@ -5,6 +5,7 @@ package = "cortex-m-rt"
 date = "2023-02-13"
 informational = "unsound"
 url = "https://github.com/rust-embedded/cortex-m/discussions/469"
+aliases = ["GHSA-xw5j-gv2g-mjm2"]

 [versions]
 patched = [">= 0.7.3"]
--- a/crates/crayon/RUSTSEC-2020-0037.md
+++ b/crates/crayon/RUSTSEC-2020-0037.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0037"
 package = "crayon"
-aliases = ["CVE-2020-35889"]
+aliases = ["CVE-2020-35889", "GHSA-m833-jv95-mfjh"]
 cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2020-08-31"
 informational = "unsound"
--- a/crates/crossbeam-channel/RUSTSEC-2020-0052.md
+++ b/crates/crossbeam-channel/RUSTSEC-2020-0052.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0052"
 package = "crossbeam-channel"
-aliases = ["CVE-2020-35904", "CVE-2020-15254", "GHSA-v5m7-53cv-f3hx"]
+aliases = ["CVE-2020-15254", "CVE-2020-35904", "GHSA-m8h8-v6jh-c762", "GHSA-v5m7-53cv-f3hx"]
 categories = ["memory-corruption"]
 date = "2020-06-26"
 url = "https://github.com/crossbeam-rs/crossbeam/pull/533"
--- a/crates/crossbeam-channel/RUSTSEC-2022-0019.md
+++ b/crates/crossbeam-channel/RUSTSEC-2022-0019.md
@@ -5,6 +5,7 @@ package = "crossbeam-channel"
 date = "2022-05-10"
 informational = "unsound"
 url = "https://github.com/crossbeam-rs/crossbeam/pull/458"
+aliases = ["GHSA-9g55-pg62-m8hh"]

 [versions]
 patched = [">= 0.4.3"]
--- a/crates/crossbeam-queue/RUSTSEC-2022-0021.md
+++ b/crates/crossbeam-queue/RUSTSEC-2022-0021.md
@@ -5,6 +5,7 @@ package = "crossbeam-queue"
 date = "2022-05-10"
 informational = "unsound"
 url = "https://github.com/crossbeam-rs/crossbeam/pull/458"
+aliases = ["GHSA-6888-wf7j-34jq"]

 [versions]
 patched = [">= 0.2.3"]
--- a/crates/crossbeam/RUSTSEC-2018-0009.md
+++ b/crates/crossbeam/RUSTSEC-2018-0009.md
@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2018-0009"
 package = "crossbeam"
-aliases = ["CVE-2018-20996"]
+aliases = ["CVE-2018-20996", "GHSA-c3cw-c387-pj65"]
 cvss = "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2018-12-09"
 keywords = ["concurrency", "memory-management", "memory-corruption"]
--- a/crates/crossbeam/RUSTSEC-2022-0020.md
+++ b/crates/crossbeam/RUSTSEC-2022-0020.md
@@ -5,6 +5,7 @@ package = "crossbeam"
 date = "2022-05-10"
 informational = "unsound"
 url = "https://github.com/crossbeam-rs/crossbeam/pull/458"
+aliases = ["GHSA-8gj8-hv75-gp94"]

 [versions]
 patched = [">= 0.7.0"]
--- a/crates/crossbeam/RUSTSEC-2022-0029.md
+++ b/crates/crossbeam/RUSTSEC-2022-0029.md
@@ -5,6 +5,7 @@ package = "crossbeam"
 date = "2022-06-07"
 categories = ["thread-safety", "memory-corruption"]
 url = "https://github.com/crossbeam-rs/crossbeam/pull/98"
+aliases = ["GHSA-rwf4-gx62-rqfw"]

 [versions]
 patched = [">= 0.3.0"]
--- a/crates/crypto2/RUSTSEC-2021-0121.md
+++ b/crates/crypto2/RUSTSEC-2021-0121.md
@@ -6,6 +6,7 @@ date = "2021-10-08"
 url = "https://github.com/shadowsocks/crypto2/issues/27"
 informational = "unsound"
 keywords = ["crypto", "alignment", "unsound"]
+aliases = ["CVE-2021-45709", "GHSA-9hfg-pxr6-q4vp", "GHSA-pmcv-mgcf-rvxg"]

 [affected.functions]
 "crypto2::streamcipher::Chacha20::encrypt_slice" = ["*"]
--- a/crates/csv-sniffer/RUSTSEC-2021-0088.md
+++ b/crates/csv-sniffer/RUSTSEC-2021-0088.md
@@ -7,6 +7,7 @@ url = "https://github.com/jblondin/csv-sniffer/issues/1"
 references = ["https://github.com/jblondin/csv-sniffer/pull/2"]
 categories = ["memory-exposure"]
 informational = "unsound"
+aliases = ["CVE-2021-45686", "GHSA-9783-42pm-x5jq", "GHSA-r67p-m7g9-gxw6"]

 [versions]
 patched = [">= 0.2.0"]
--- a/Show More
+++ b/Show More