Add the malicious category to previous advisories.

Addresses rustsec/advisory-db#2500.
This commit is contained in:
Adam Harvey
2026-03-17 14:21:37 -07:00
parent 3d96caa697
commit 99e9de91bb
24 changed files with 24 additions and 1 deletions

View File

@@ -4,6 +4,7 @@ id = "RUSTSEC-2026-0039"
package = "chrono_anchor"
date = "2026-03-10"
expect-deleted = true
categories = ["malicious"]
[versions]
patched = []

View File

@@ -4,6 +4,7 @@ id = "RUSTSEC-2026-0017"
package = "clob-sdk"
date = "2026-02-20"
expect-deleted = true
categories = ["malicious"]
[versions]
patched = []

View File

@@ -5,6 +5,7 @@ package = "dnp3times"
date = "2026-03-04"
expect-deleted = true
aliases = ["GHSA-xhw7-jhmp-j62j"]
categories = ["malicious"]
[versions]
patched = []

View File

@@ -7,6 +7,7 @@ url = "https://blog.rust-lang.org/2025/12/03/crates.io-malicious-crates-evm-unit
references = ["https://socket.dev/blog/malicious-rust-crate-evm-units-serves-cross-platform-payloads"]
expect-deleted = true
aliases = ["GHSA-6662-54xr-8423"]
categories = ["malicious"]
[versions]
patched = []

View File

@@ -5,6 +5,7 @@ package = "finch-rst"
date = "2025-12-09"
expect-deleted = true
aliases = ["GHSA-xp79-9mxw-878j"]
categories = ["malicious"]
[versions]
patched = []

View File

@@ -7,6 +7,7 @@ url = "https://blog.rust-lang.org/2025/12/05/crates.io-malicious-crates-finch-ru
references = ["https://socket.dev/blog/malicious-crate-mimicking-finch-exfiltrates-credentials"]
expect-deleted = true
aliases = ["GHSA-f8h5-x737-x4xr"]
categories = ["malicious"]
[versions]
patched = []

View File

@@ -5,6 +5,7 @@ package = "finch_cli_rust"
date = "2025-12-09"
expect-deleted = true
aliases = ["GHSA-6v2j-vr4h-f632"]
categories = ["malicious"]
[versions]
patched = []

View File

@@ -5,6 +5,7 @@ package = "polymarket-client-sdks"
date = "2026-02-13"
expect-deleted = true
aliases = ["GHSA-p5vf-5754-x7p3"]
categories = ["malicious"]
[versions]
patched = []

View File

@@ -5,6 +5,7 @@ package = "polymarket-clients-sdk"
date = "2026-02-06"
expect-deleted = true
aliases = ["GHSA-382q-fpqh-29f7"]
categories = ["malicious"]
[versions]
patched = []

View File

@@ -4,6 +4,7 @@ id = "RUSTSEC-2026-0015"
package = "polymarkets-client-sdk"
date = "2026-02-19"
expect-deleted = true
categories = ["malicious"]
[versions]
patched = []

View File

@@ -4,6 +4,7 @@ id = "RUSTSEC-2026-0016"
package = "polymarkets-rs-clob-client"
date = "2026-02-20"
expect-deleted = true
categories = ["malicious"]
[versions]
patched = []

View File

@@ -4,6 +4,7 @@ id = "RUSTSEC-2026-0014"
package = "rpc-check"
date = "2026-02-19"
expect-deleted = true
categories = ["malicious"]
[versions]
patched = []

View File

@@ -4,6 +4,7 @@ id = "RUSTSEC-2026-0018"
package = "rpc-check"
date = "2026-02-24"
expect-deleted = true
categories = ["malicious"]
[versions]
patched = []

View File

@@ -4,7 +4,7 @@ id = "RUSTSEC-2022-0042"
package = "rustdecimal"
date = "2022-05-10"
url = "https://groups.google.com/g/rustlang-security-announcements/c/5DVtC8pgJLw?pli=1"
categories = ["code-execution"]
categories = ["code-execution", "malicious"]
keywords = ["typosquatting"]
aliases = ["GHSA-7pwq-f4pq-78gm", "MAL-2022-1"]
expect-deleted = true

View File

@@ -5,6 +5,7 @@ package = "sha-rst"
date = "2025-12-09"
expect-deleted = true
aliases = ["GHSA-vgr2-r5hm-f6gf"]
categories = ["malicious"]
[versions]
patched = []

View File

@@ -7,6 +7,7 @@ url = "https://blog.rust-lang.org/2025/12/05/crates.io-malicious-crates-finch-ru
references = ["https://socket.dev/blog/malicious-crate-mimicking-finch-exfiltrates-credentials"]
expect-deleted = true
aliases = ["GHSA-3mmg-7c2q-8938"]
categories = ["malicious"]
[versions]
patched = []

View File

@@ -5,6 +5,7 @@ package = "time-sync"
date = "2026-03-04"
expect-deleted = true
aliases = ["GHSA-mh23-rw7f-v5pq"]
categories = ["malicious"]
[versions]
patched = []

View File

@@ -5,6 +5,7 @@ package = "time_calibrator"
date = "2026-03-03"
expect-deleted = true
aliases = ["GHSA-77xj-rrh3-wx3v"]
categories = ["malicious"]
[versions]
patched = []

View File

@@ -5,6 +5,7 @@ package = "time_calibrators"
date = "2026-03-03"
expect-deleted = true
aliases = ["GHSA-wf45-3gpw-vrqv"]
categories = ["malicious"]
[versions]
patched = []

View File

@@ -5,6 +5,7 @@ package = "tracing-check"
date = "2026-02-24"
expect-deleted = true
aliases = ["GHSA-5pmp-jpcf-pwx6"]
categories = ["malicious"]
[versions]
patched = []

View File

@@ -4,6 +4,7 @@ id = "RUSTSEC-2026-0040"
package = "tracing-ethers"
date = "2026-03-14"
expect-deleted = true
categories = ["malicious"]
[versions]
patched = []

View File

@@ -4,6 +4,7 @@ id = "RUSTSEC-2026-0028"
package = "tracing_checks"
date = "2026-02-26"
expect-deleted = true
categories = ["malicious"]
[versions]
patched = []

View File

@@ -4,6 +4,7 @@ id = "RUSTSEC-2026-0027"
package = "tracings"
date = "2026-02-26"
expect-deleted = true
categories = ["malicious"]
[versions]
patched = []

View File

@@ -7,6 +7,7 @@ url = "https://blog.rust-lang.org/2025/12/03/crates.io-malicious-crates-evm-unit
references = ["https://socket.dev/blog/malicious-rust-crate-evm-units-serves-cross-platform-payloads"]
expect-deleted = true
aliases = ["GHSA-x468-phr8-h3p3"]
categories = ["malicious"]
[versions]
patched = []