Add cvss information from nvd (#1085)

crates/abi_stable/RUSTSEC-2020-0105.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0105"
 package = "abi_stable"
 aliases = ["CVE-2020-36212", "CVE-2020-36213"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2020-12-21"
 url = "https://github.com/rodrimati1992/abi_stable_crates/issues/44"
 categories = ["memory-corruption"]

crates/abox/RUSTSEC-2020-0121.md

@@ -6,6 +6,7 @@ date = "2020-11-10"
 url = "https://github.com/SonicFrog/abox/issues/1"
 categories = ["memory-corruption", "thread-safety"]
 aliases = ["CVE-2020-36441"]
+cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
 
 [versions]
 patched = [">= 0.4.1"]

crates/actix-codec/RUSTSEC-2020-0049.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0049"
 package = "actix-codec"
 aliases = ["CVE-2020-35902"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 categories = ["memory-corruption"]
 date = "2020-01-30"
 url = "https://github.com/actix/actix-net/issues/91"

crates/actix-http/RUSTSEC-2020-0048.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0048"
 package = "actix-http"
 aliases = ["CVE-2020-35901"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 categories = ["memory-corruption"]
 date = "2020-01-24"
 url = "https://github.com/actix/actix-web/issues/1321"

crates/actix-http/RUSTSEC-2021-0081.md

@@ -5,6 +5,7 @@ package = "actix-http"
 date = "2021-06-16"
 keywords = ["smuggling", "http", "reverse proxy", "request smuggling"]
 aliases = ["CVE-2021-38512"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
 
 [versions]
 patched = ["^ 2.2.1", ">= 3.0.0-beta.9"]

crates/actix-service/RUSTSEC-2020-0046.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0046"
 package = "actix-service"
 aliases = ["CVE-2020-35899"]
+cvss = "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
 categories = ["memory-corruption"]
 date = "2020-01-08"
 informational = "unsound"

crates/actix-utils/RUSTSEC-2020-0045.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0045"
 package = "actix-utils"
 aliases = ["CVE-2020-35898"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"
 categories = ["memory-corruption"]
 date = "2020-01-08"
 informational = "unsound"

crates/adtensor/RUSTSEC-2021-0045.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2021-0045"
 package = "adtensor"
 aliases = ["CVE-2021-29936"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2021-01-11"
 url = "https://github.com/charles-r-earp/adtensor/issues/4"
 categories = ["memory-corruption"]

crates/alg_ds/RUSTSEC-2020-0033.md

@@ -5,6 +5,7 @@ package = "alg_ds"
 date = "2020-08-25"
 url = "https://gitlab.com/dvshapkin/alg-ds/-/issues/1"
 aliases = ["CVE-2020-36432"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 
 [versions]
 patched = []

crates/alpm-rs/RUSTSEC-2020-0032.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0032"
 package = "alpm-rs"
 aliases = ["CVE-2020-35885"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2020-08-20"
 informational = "unsound"
 url = "https://github.com/pigeonhands/rust-arch/issues/2"

crates/ammonia/RUSTSEC-2019-0001.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2019-0001"
 package = "ammonia"
 aliases = ["CVE-2019-15542"]
+cvss = "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2019-04-27"
 keywords = ["stack-overflow", "crash"]
 url = "https://github.com/rust-ammonia/ammonia/blob/master/CHANGELOG.md#210"

crates/aovec/RUSTSEC-2020-0099.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0099"
 package = "aovec"
 aliases = ["CVE-2020-36207"]
+cvss = "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
 date = "2020-12-10"
 categories = ["memory-corruption", "thread-safety"]
 keywords = ["concurrency"]

crates/appendix/RUSTSEC-2020-0149.md

@@ -6,6 +6,7 @@ date = "2020-11-15"
 url = "https://github.com/krl/appendix/issues/6"
 categories = ["memory-corruption", "thread-safety"]
 aliases = ["CVE-2020-36469"]
+cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
 
 [versions]
 patched = []

crates/arc-swap/RUSTSEC-2020-0091.md

@@ -7,6 +7,7 @@ url = "https://github.com/vorner/arc-swap/issues/45"
 categories = ["memory-corruption"]
 keywords = ["dangling reference"]
 aliases = ["CVE-2020-35711"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 
 [versions]
 patched = [">= 0.4.8, < 1.0.0-0", ">= 1.1.0"]

crates/arenavec/RUSTSEC-2021-0040.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2021-0040"
 package = "arenavec"
 aliases = ["CVE-2021-29930", "CVE-2021-29931"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2021-01-12"
 url = "https://github.com/ibabushkin/arenavec/issues/1"
 categories = ["memory-corruption"]

crates/array-queue/RUSTSEC-2020-0047.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0047"
 package = "array-queue"
 aliases = ["CVE-2020-35900"]
+cvss = "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"
 date = "2020-09-26"
 keywords = ["memory-corruption", "uninitialized-memory", "use-after-free"]
 url = "https://github.com/raviqqe/array-queue/issues/2"

crates/array-tools/RUSTSEC-2020-0132.md

@@ -6,6 +6,7 @@ date = "2020-12-31"
 url = "https://github.com/L117/array-tools/issues/2"
 categories = ["memory-corruption"]
 aliases = ["CVE-2020-36452"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 
 [versions]
 patched = [">= 0.3.2"]

crates/arrayfire/RUSTSEC-2018-0011.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2018-0011"
 package = "arrayfire"
 aliases = ["CVE-2018-20998"]
+cvss = "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 categories = ["memory-corruption"]
 date = "2018-12-18"
 keywords = ["enum", "repr"]

crates/asn1_der/RUSTSEC-2019-0007.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2019-0007"
 package = "asn1_der"
 aliases = ["CVE-2019-15549"]
+cvss = "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2019-06-13"
 keywords = ["dos"]
 url = "https://github.com/KizzyCode/asn1_der/issues/1"

crates/async-coap/RUSTSEC-2020-0124.md

@@ -6,6 +6,7 @@ date = "2020-12-08"
 url = "https://github.com/google/rust-async-coap/issues/33"
 categories = ["memory-corruption", "thread-safety"]
 aliases = ["CVE-2020-36444"]
+cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
 
 [versions]
 patched = []

crates/atom/RUSTSEC-2020-0044.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0044"
 package = "atom"
 aliases = ["CVE-2020-35897"]
+cvss = "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
 date = "2020-09-21"
 informational = "unsound"
 url = "https://github.com/slide-rs/atom/issues/13"

crates/atomic-option/RUSTSEC-2020-0113.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0113"
 package = "atomic-option"
 aliases = ["CVE-2020-36219"]
+cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2020-10-31"
 url = "https://github.com/reem/rust-atomic-option/issues/4"
 categories = ["memory-corruption", "thread-safety"]

crates/autorand/RUSTSEC-2020-0103.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0103"
 package = "autorand"
 aliases = ["CVE-2020-36210"]
+cvss = "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
 date = "2020-12-31"
 url = "https://github.com/mersinvald/autorand-rs/issues/5"
 categories = ["memory-corruption"]

crates/av-data/RUSTSEC-2021-0007.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2021-0007"
 package = "av-data"
 aliases = ["CVE-2021-25904"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2021-01-07"
 url = "https://github.com/rust-av/rust-av/issues/136"
 categories = ["memory-exposure", "privilege-escalation"]

crates/bam/RUSTSEC-2021-0027.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2021-0027"
 package = "bam"
 aliases = ["CVE-2021-28027"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2021-01-07"
 url = "https://gitlab.com/tprodanov/bam/-/issues/4"
 categories = ["memory-corruption"]

crates/base64/RUSTSEC-2017-0004.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2017-0004"
 package = "base64"
 aliases = ["CVE-2017-1000430"]
+cvss = "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2017-05-03"
 keywords = ["memory-corruption"]
 url = "https://github.com/alicemaz/rust-base64/commit/24ead980daf11ba563e4fb2516187a56a71ad319"

crates/basic_dsp_matrix/RUSTSEC-2021-0009.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2021-0009"
 package = "basic_dsp_matrix"
 aliases = ["CVE-2021-25906"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2021-01-10"
 url = "https://github.com/liebharc/basic_dsp/issues/47"
 categories = ["memory-corruption"]

crates/beef/RUSTSEC-2020-0122.md

@@ -6,6 +6,7 @@ date = "2020-10-28"
 url = "https://github.com/maciejhirsz/beef/issues/37"
 categories = ["memory-corruption", "thread-safety"]
 aliases = ["CVE-2020-36442"]
+cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
 
 [versions]
 patched = [">= 0.5.0"]

crates/bigint/RUSTSEC-2020-0025.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0025"
 package = "bigint"
 aliases = ["CVE-2020-35880"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2020-05-07"
 informational = "unmaintained"
 url = "https://github.com/paritytech/bigint/commit/7e71521a61b009afc94c91135353102658550d42"

crates/bitvec/RUSTSEC-2020-0007.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0007"
 package = "bitvec"
 aliases = ["CVE-2020-35862"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 categories = ["memory-corruption"]
 date = "2020-03-27"
 url = "https://github.com/myrrlyn/bitvec/issues/55"

crates/blake2/RUSTSEC-2019-0019.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2019-0019"
 package = "blake2"
 aliases = ["CVE-2019-16143"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 categories = ["crypto-failure"]
 date = "2019-08-25"
 url = "https://github.com/RustCrypto/MACs/issues/19"

crates/bra/RUSTSEC-2021-0008.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2021-0008"
 package = "bra"
 aliases = ["CVE-2021-25905"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"
 date = "2021-01-02"
 url = "https://github.com/Enet4/bra-rs/issues/1"
 categories = ["memory-exposure"]

crates/branca/RUSTSEC-2020-0075.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0075"
 package = "branca"
 aliases = ["CVE-2020-35918"]
+cvss = "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
 date = "2020-11-29"
 url = "https://github.com/return/branca/issues/24"
 categories = ["denial-of-service"]

crates/bumpalo/RUSTSEC-2020-0006.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0006"
 package = "bumpalo"
 aliases = ["CVE-2020-35861"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
 categories = ["memory-exposure"]
 date = "2020-03-24"
 url = "https://github.com/fitzgen/bumpalo/issues/69"

crates/bunch/RUSTSEC-2020-0130.md

@@ -6,6 +6,7 @@ date = "2020-11-12"
 url = "https://github.com/krl/bunch/issues/1"
 categories = ["memory-corruption", "thread-safety"]
 aliases = ["CVE-2020-36450"]
+cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
 
 [versions]
 patched = []

crates/buttplug/RUSTSEC-2020-0112.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0112"
 package = "buttplug"
 aliases = ["CVE-2020-36218"]
+cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2020-12-18"
 url = "https://github.com/buttplugio/buttplug-rs/issues/225"
 categories = ["memory-corruption", "thread-safety"]

crates/byte_struct/RUSTSEC-2021-0032.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2021-0032"
 package = "byte_struct"
 aliases = ["CVE-2021-28033"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2021-03-01"
 url = "https://github.com/wwylele/byte-struct-rs/issues/1"
 categories = ["memory-corruption"]

crates/cache/RUSTSEC-2020-0128.md

@@ -6,6 +6,7 @@ date = "2020-11-24"
 url = "https://github.com/krl/cache/issues/1"
 categories = ["memory-corruption", "thread-safety"]
 aliases = ["CVE-2020-36448"]
+cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
 
 [versions]
 patched = []

crates/cache/RUSTSEC-2021-0006.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2021-0006"
 package = "cache"
 aliases = ["CVE-2021-25903"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2021-01-01"
 url = "https://github.com/krl/cache/issues/2"
 informational = "unsound"

crates/calamine/RUSTSEC-2021-0015.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2021-0015"
 package = "calamine"
 aliases = ["CVE-2021-26951"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2021-01-06"
 url = "https://github.com/tafia/calamine/issues/199"
 categories = ["memory-corruption", "memory-exposure"]

crates/cbox/RUSTSEC-2020-0005.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0005"
 package = "cbox"
 aliases = ["CVE-2020-35860"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 categories = ["memory-corruption"]
 date = "2020-03-19"
 url = "https://github.com/TomBebbington/cbox-rs/issues/2"

crates/cdr/RUSTSEC-2021-0012.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2021-0012"
 package = "cdr"
 aliases = ["CVE-2021-26305"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2021-01-02"
 url = "https://github.com/hrektts/cdr-rs/issues/10"
 categories = ["memory-exposure"]

crates/cgc/RUSTSEC-2020-0148.md

@@ -7,6 +7,7 @@ url = "https://github.com/playXE/cgc/issues/5"
 categories = ["memory-corruption"]
 keywords = ["memory-safety", "aliasing", "concurrency"]
 aliases = ["CVE-2020-36466", "CVE-2020-36467", "CVE-2020-36468"]
+cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
 
 [versions]
 patched = []

crates/chacha20/RUSTSEC-2019-0029.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2019-0029"
 package = "chacha20"
 aliases = ["CVE-2019-25005"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
 categories = ["crypto-failure"]
 date = "2019-10-22"
 url = "https://github.com/RustCrypto/stream-ciphers/pull/64"

crates/chttp/RUSTSEC-2019-0016.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2019-0016"
 package = "chttp"
 aliases = ["CVE-2019-16140"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2019-09-01"
 keywords = ["memory-management", "memory-corruption"]
 url = "https://github.com/sagebind/isahc/issues/2"

crates/chunky/RUSTSEC-2020-0035.md

@@ -6,6 +6,7 @@ date = "2020-08-25"
 informational = "unsound"
 url = "https://github.com/aeplay/chunky/issues/2"
 aliases = ["CVE-2020-36433"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
 
 [versions]
 patched = []

crates/claxon/RUSTSEC-2018-0004.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2018-0004"
 package = "claxon"
 aliases = ["CVE-2018-20992"]
+cvss = "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N"
 date = "2018-08-25"
 keywords = ["uninitialized-memory"]
 url = "https://github.com/ruuda/claxon/commit/8f28ec275e412dd3af4f3cda460605512faf332c"

crates/compact_arena/RUSTSEC-2019-0015.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2019-0015"
 package = "compact_arena"
 aliases = ["CVE-2019-16139"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 categories = ["memory-corruption"]
 date = "2019-05-21"
 keywords = ["uninitialized-memory"]

crates/comrak/RUSTSEC-2021-0026.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2021-0026"
 package = "comrak"
 aliases = ["CVE-2021-27671"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"
 date = "2021-02-21"
 url = "https://github.com/kivikakk/comrak/releases/tag/0.9.1"
 categories = ["format-injection"]

crates/concread/RUSTSEC-2020-0092.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0092"
 package = "concread"
 aliases = ["CVE-2020-35928"]
+cvss = "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
 date = "2020-11-13"
 url = "https://github.com/kanidm/concread/issues/48"
 categories = ["thread-safety"]

crates/conquer-once/RUSTSEC-2020-0101.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0101"
 package = "conquer-once"
 aliases = ["CVE-2020-36208"]
+cvss = "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
 date = "2020-12-22"
 url = "https://github.com/oliver-giersch/conquer-once/issues/3"
 categories = ["memory-corruption", "thread-safety"]

crates/conqueue/RUSTSEC-2020-0117.md

@@ -6,6 +6,7 @@ date = "2020-11-24"
 url = "https://github.com/longshorej/conqueue/issues/9"
 categories = ["memory-corruption", "thread-safety"]
 aliases = ["CVE-2020-36437"]
+cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
 
 [versions]
 patched = [">= 0.4.0"]

crates/containers/RUSTSEC-2021-0010.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2021-0010"
 package = "containers"
 aliases = ["CVE-2021-25907"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2021-01-12"
 url = "https://github.com/strake/containers.rs/issues/2"
 categories = ["memory-corruption"]

crates/convec/RUSTSEC-2020-0125.md

@@ -6,6 +6,7 @@ date = "2020-11-24"
 url = "https://github.com/krl/convec/issues/2"
 categories = ["memory-corruption", "thread-safety"]
 aliases = ["CVE-2020-36445"]
+cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
 
 [versions]
 patched = []

crates/cookie/RUSTSEC-2017-0005.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2017-0005"
 package = "cookie"
 aliases = ["CVE-2017-18589"]
+cvss = "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2017-05-06"
 keywords = ["crash"]
 url = "https://github.com/alexcrichton/cookie-rs/pull/86"

crates/cranelift-codegen/RUSTSEC-2021-0067.md

@@ -7,6 +7,7 @@ url = "https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-hpq
 categories = ["code-execution", "memory-corruption", "memory-exposure"]
 keywords = ["miscompile", "sandbox", "wasm"]
 aliases = ["CVE-2021-32629", "GHSA-hpqh-2wqx-7qp5"]
+cvss = "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"
 
 [versions]
 patched = [">= 0.73.1"]

crates/crayon/RUSTSEC-2020-0037.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0037"
 package = "crayon"
 aliases = ["CVE-2020-35889"]
+cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2020-08-31"
 informational = "unsound"
 url = "https://github.com/shawnscode/crayon/issues/87"

crates/crossbeam-deque/RUSTSEC-2021-0093.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2021-0093"
 package = "crossbeam-deque"
 aliases = ["GHSA-pqqp-xmhj-wgcw", "CVE-2021-32810"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 categories = ["memory-corruption"]
 date = "2021-07-30"
 url = "https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-pqqp-xmhj-wgcw"

crates/crossbeam/RUSTSEC-2018-0009.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2018-0009"
 package = "crossbeam"
 aliases = ["CVE-2018-20996"]
+cvss = "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2018-12-09"
 keywords = ["concurrency", "memory-management", "memory-corruption"]
 url = "https://github.com/crossbeam-rs/crossbeam-epoch/issues/82"

crates/dces/RUSTSEC-2020-0139.md

@@ -7,6 +7,7 @@ url = "https://gitlab.redox-os.org/redox-os/dces-rust/-/issues/8"
 categories = ["memory-corruption", "thread-safety"]
 keywords = ["concurrency"]
 aliases = ["CVE-2020-36459"]
+cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
 
 [versions]
 patched = []

crates/diesel/RUSTSEC-2021-0037.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2021-0037"
 package = "diesel"
 aliases = ["CVE-2021-28305"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2021-03-05"
 url = "https://github.com/diesel-rs/diesel/pull/2663"
 categories = ["memory-corruption"]

crates/disrustor/RUSTSEC-2020-0150.md

@@ -6,6 +6,7 @@ date = "2020-12-17"
 url = "https://github.com/sklose/disrustor/issues/1"
 categories = ["memory-corruption", "thread-safety"]
 aliases = ["CVE-2020-36470"]
+cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
 
 [versions]
 patched = []

crates/dync/RUSTSEC-2020-0050.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0050"
 package = "dync"
 aliases = ["CVE-2020-35903"]
+cvss = "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
 date = "2020-09-27"
 informational = "unsound"
 url = "https://github.com/elrnv/dync/issues/4"

crates/endian_trait/RUSTSEC-2021-0039.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2021-0039"
 package = "endian_trait"
 aliases = ["CVE-2021-29929"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2021-01-04"
 url = "https://gitlab.com/myrrlyn/endian_trait/-/issues/1"
 categories = ["memory-corruption"]

crates/eventio/RUSTSEC-2020-0108.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0108"
 package = "eventio"
 aliases = ["CVE-2020-36216"]
+cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2020-12-20"
 url = "https://github.com/petabi/eventio/issues/33"
 categories = ["memory-corruption", "thread-safety"]

crates/failure/RUSTSEC-2019-0036.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2019-0036"
 package = "failure"
 aliases = ["CVE-2020-25575", "CVE-2019-25010"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2019-11-13"
 informational = "unsound"
 keywords = ["unsound"]

crates/failure/RUSTSEC-2020-0036.md

@@ -6,6 +6,7 @@ date = "2020-05-02"
 informational = "unmaintained"
 url = "https://github.com/rust-lang-nursery/failure/pull/347"
 aliases = ["CVE-2020-25575"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 
 [versions]
 patched = []

crates/fil-ocl/RUSTSEC-2021-0011.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2021-0011"
 package = "fil-ocl"
 aliases = ["CVE-2021-25908"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2021-01-04"
 url = "https://github.com/cogciprocate/ocl/issues/194"
 categories = ["memory-corruption"]

crates/flatbuffers/RUSTSEC-2019-0028.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2019-0028"
 package = "flatbuffers"
 aliases = ["CVE-2019-25004"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2019-10-20"
 url = "https://github.com/google/flatbuffers/issues/5530"
 

crates/flatbuffers/RUSTSEC-2020-0009.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0009"
 package = "flatbuffers"
 aliases = ["CVE-2020-35864"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2020-04-11"
 url = "https://github.com/google/flatbuffers/issues/5825"
 

crates/futures-intrusive/RUSTSEC-2020-0072.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0072"
 package = "futures-intrusive"
 aliases = ["CVE-2020-35915"]
+cvss = "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
 date = "2020-10-31"
 url = "https://github.com/Matthias247/futures-intrusive/issues/53"
 categories = ["memory-corruption", "thread-safety"]

crates/futures-task/RUSTSEC-2020-0060.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0060"
 package = "futures-task"
 aliases = ["CVE-2020-35906"]
+cvss = "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
 date = "2020-09-04"
 url = "https://github.com/rust-lang/futures-rs/pull/2206"
 categories = ["code-execution", "memory-corruption"]

crates/futures-task/RUSTSEC-2020-0061.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0061"
 package = "futures-task"
 aliases = ["CVE-2020-35907"]
+cvss = "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
 date = "2020-05-03"
 url = "https://github.com/rust-lang/futures-rs/issues/2091"
 categories = ["denial-of-service"]

crates/futures-util/RUSTSEC-2020-0059.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0059"
 package = "futures-util"
 aliases = ["CVE-2020-35905"]
+cvss = "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
 date = "2020-10-22"
 url = "https://github.com/rust-lang/futures-rs/issues/2239"
 categories = ["thread-safety"]

crates/futures-util/RUSTSEC-2020-0062.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0062"
 package = "futures-util"
 aliases = ["CVE-2020-35908"]
+cvss = "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
 date = "2020-01-24"
 url = "https://github.com/rust-lang/futures-rs/issues/2050"
 categories = ["memory-corruption", "thread-safety"]

crates/generator/RUSTSEC-2019-0020.md

@@ -6,6 +6,7 @@ date = "2019-09-06"
 keywords = ["memory-corruption"]
 url = "https://github.com/Xudong-Huang/generator-rs/issues/9"
 aliases = ["CVE-2019-16144"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 
 [versions]
 patched = [">= 0.6.18"]

crates/generator/RUSTSEC-2020-0151.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0151"
 package = "generator"
 aliases = ["CVE-2020-36471"]
+cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2020-11-16"
 url = "https://github.com/Xudong-Huang/generator-rs/issues/27"
 categories = ["memory-corruption"]

crates/generic-array/RUSTSEC-2020-0146.md

@@ -7,6 +7,7 @@ url = "https://github.com/fizyk20/generic-array/issues/98"
 categories = ["memory-corruption"]
 keywords = ["soundness"]
 aliases = ["CVE-2020-36465"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 
 [versions]
 patched = [

crates/gfwx/RUSTSEC-2020-0104.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0104"
 package = "gfwx"
 aliases = ["CVE-2020-36211"]
+cvss = "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
 date = "2020-12-08"
 url = "https://github.com/Devolutions/gfwx-rs/issues/7"
 categories = ["memory-corruption", "thread-safety"]

crates/glsl-layout/RUSTSEC-2021-0005.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2021-0005"
 package = "glsl-layout"
 aliases = ["CVE-2021-25902"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2021-01-10"
 url = "https://github.com/rustgd/glsl-layout/pull/10"
 categories = ["memory-corruption"]

crates/grep-cli/RUSTSEC-2021-0071.md

@@ -7,6 +7,7 @@ url = "https://github.com/BurntSushi/ripgrep/issues/1773"
 categories = ["code-execution"]
 keywords = ["windows", "ripgrep", "PATH", "arbitrary", "binary"]
 aliases = ["CVE-2021-3013"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 
 [versions]
 patched = [">= 0.1.6"]

crates/hashconsing/RUSTSEC-2020-0107.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0107"
 package = "hashconsing"
 aliases = ["CVE-2020-36215"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2020-11-10"
 url = "https://github.com/AdrienChampion/hashconsing/issues/1"
 categories = ["memory-corruption", "thread-safety"]

crates/heapless/RUSTSEC-2020-0145.md

@@ -8,6 +8,7 @@ categories = ["memory-corruption", "memory-exposure"]
 keywords = ["use-after-free"]
 informational = "unsound"
 aliases = ["CVE-2020-36464"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 
 [affected.functions]
 "heapless::vec::IntoIter::clone" = ["<= 0.6"]

crates/http/RUSTSEC-2019-0033.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2019-0033"
 package = "http"
 aliases = ["CVE-2020-25574", "CVE-2019-25008"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 categories = ["denial-of-service"]
 date = "2019-11-16"
 keywords = ["http", "integer-overflow", "DoS"]

crates/http/RUSTSEC-2019-0034.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2019-0034"
 package = "http"
 aliases = ["CVE-2019-25009"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 categories = ["memory-corruption"]
 date = "2019-11-16"
 keywords = ["memory-safety", "double-free", "unsound"]

crates/hyper/RUSTSEC-2016-0002.md

@@ -4,6 +4,7 @@ id = "RUSTSEC-2016-0002"
 package = "hyper"
 date = "2016-05-09"
 aliases = ["CVE-2016-10932"]
+cvss = "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"
 related = ["RUSTSEC-2016-0001"]
 categories = ["crypto-failure"]
 keywords = ["ssl", "mitm"]

crates/hyper/RUSTSEC-2017-0002.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2017-0002"
 package = "hyper"
 aliases = ["CVE-2017-18587"]
+cvss = "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
 date = "2017-01-23"
 url = "https://github.com/hyperium/hyper/wiki/Security-001"
 

crates/hyper/RUSTSEC-2020-0008.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0008"
 package = "hyper"
 aliases = ["CVE-2020-35863"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 categories = ["format-injection"]
 date = "2020-03-19"
 keywords = ["http", "request-smuggling"]

crates/hyper/RUSTSEC-2021-0020.md

@@ -7,6 +7,7 @@ url = "https://github.com/hyperium/hyper/security/advisories/GHSA-6hfq-h8hq-87mf
 categories = ["format-injection"]
 keywords = ["http", "request-smuggling"]
 aliases = ["CVE-2021-21299", "GHSA-6hfq-h8hq-87mf"]
+cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
 
 [versions]
 patched = [">= 0.14.3", "0.13.10", "0.12.36"]

crates/hyper/RUSTSEC-2021-0078.md

@@ -6,6 +6,7 @@ date = "2021-07-07"
 url = "https://github.com/hyperium/hyper/security/advisories/GHSA-f3pg-qwvg-p99c"
 keywords = ["parsing", "http"]
 aliases = ["CVE-2021-32715", "GHSA-f3pg-qwvg-p99c"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
 
 [versions]
 patched = [">= 0.14.10"]

crates/hyper/RUSTSEC-2021-0079.md

@@ -6,6 +6,7 @@ date = "2021-07-07"
 url = "https://github.com/hyperium/hyper/security/advisories/GHSA-5h46-h7hh-c6x9"
 keywords = ["http", "parsing", "data loss"]
 aliases = ["CVE-2021-32714", "GHSA-5h46-h7hh-c6x9"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H"
 
 [versions]
 patched = [">= 0.14.10"]

crates/im/RUSTSEC-2020-0096.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0096"
 package = "im"
 aliases = ["CVE-2020-36204"]
+cvss = "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"
 date = "2020-11-09"
 url = "https://github.com/bodil/im-rs/issues/157"
 categories = ["thread-safety"]

crates/image/RUSTSEC-2019-0014.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2019-0014"
 package = "image"
 aliases = ["CVE-2019-16138"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2019-08-21"
 keywords = ["drop", "use-after-free"]
 url = "https://github.com/image-rs/image/pull/985"

crates/image/RUSTSEC-2020-0073.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0073"
 package = "image"
 aliases = ["CVE-2020-35916"]
+cvss = "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"
 date = "2020-11-12"
 url = "https://github.com/image-rs/image/issues/1357"
 informational = "unsound"

crates/insert_many/RUSTSEC-2021-0042.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2021-0042"
 package = "insert_many"
 aliases = ["CVE-2021-29933"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
 date = "2021-01-26"
 url = "https://github.com/rphmeier/insert_many/issues/1"
 categories = ["memory-corruption"]

crates/internment/RUSTSEC-2020-0017.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0017"
 package = "internment"
 aliases = ["CVE-2020-35874"]
+cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
 categories = ["memory-corruption"]
 date = "2020-05-28"
 url = "https://github.com/droundy/internment/issues/11"

crates/internment/RUSTSEC-2021-0036.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2021-0036"
 package = "internment"
 aliases = ["CVE-2021-28037"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
 date = "2021-03-03"
 url = "https://github.com/droundy/internment/issues/20"
 categories = ["thread-safety"]

crates/kekbit/RUSTSEC-2020-0129.md

@@ -6,6 +6,7 @@ date = "2020-12-18"
 url = "https://github.com/motoras/kekbit/issues/34"
 categories = ["memory-corruption", "thread-safety"]
 aliases = ["CVE-2020-36449"]
+cvss = "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"
 
 [versions]
 patched = [">= 0.3.4"]

crates/late-static/RUSTSEC-2020-0102.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2020-0102"
 package = "late-static"
 aliases = ["CVE-2020-36209"]
+cvss = "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
 date = "2020-11-10"
 url = "https://github.com/Richard-W/late-static/issues/1"
 categories = ["memory-corruption", "thread-safety"]

crates/lazy-init/RUSTSEC-2021-0004.md

@@ -3,6 +3,7 @@
 id = "RUSTSEC-2021-0004"
 package = "lazy-init"
 aliases = ["CVE-2021-25901"]
+cvss = "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"
 date = "2021-01-17"
 categories = ["memory-corruption"]
 url = "https://github.com/khuey/lazy-init/issues/9"