rustsec/advisory-db
1
0
Fork 0
mirror of https://github.com/rustsec/advisory-db.git synced 2025-12-27 01:54:07 -05:00
Code Issues Packages Projects Releases Wiki Activity
2,652 Commits 21 Branches 0 Tags
main
Commit Graph

2652 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
zerosnacks
218a772dc1 fix: RUSTSEC-2025-0073 (alloy-dyn-abi), update to description and credit (#2423) 2025-10-15 15:11:39 +02:00
djc
49bc507e4c Assigned RUSTSEC-2025-0073 to alloy-dyn-abi 2025-10-15 13:28:15 +02:00
zerosnacks
7c68aa7a3d Add CVE-2025-62370 alloy-dyn-abi (#2421) 
* add advisory

* nit

* fix date

* add GHSA alias
 2025-10-15 13:26:24 +02:00
djc
ce9208c002 Assigned RUSTSEC-2025-0072 to wrflib 2025-10-03 17:55:57 +02:00
Shihao Xia
16eeb9a536 add wrflib 2025-10-03 16:31:19 +02:00
En-En
f71b77f025 add io-safety keyword to RUSTSEC-2025-0051 2025-09-30 12:04:17 +02:00
djc
fb0d06e8e2 Assigned RUSTSEC-2025-0071 to ammonia 2025-09-22 08:05:57 +02:00
Michael Howell
baa969879d ammonia v4.1.2 2025-09-22 07:05:56 +02:00
djc
0c700a4438 Assigned RUSTSEC-2025-0070 to pingora-core 2025-09-18 09:10:31 +02:00
Edward Wang
d889c3aee0 Add advisory for pingora-core MadeYouReset http/2 vuln (#2415) 
Adding advisory for pre 0.6.0 pingora-core versions specific to
[MadeYouReset](https://nvd.nist.gov/vuln/detail/CVE-2025-8671)
as a potential denial-of-service attack.
 2025-09-18 09:08:27 +02:00
djc
3fbd1d0e50 Assigned RUSTSEC-2025-0069 to daemonize 2025-09-15 16:42:32 +02:00
Oliver Old
006ddb6ac6 Add unmaintained advisory for daemonize (#2409) 2025-09-15 16:34:46 +02:00
FirelightFlagboy
139e148474 fix(fuser): Set correct patched version 
The patched version was incorrectly set to 1.2.0 where the patch actually landed in 0.16.0
 2025-09-15 09:38:36 +02:00
djc
a71d22ed88 Assigned RUSTSEC-2023-0094 to martin-mbtiles 2025-09-14 21:19:34 +02:00
Frank Elsinga
1b9a578865 add the advisory 2025-09-14 20:31:07 +02:00
djc
c8fa947b3c Assigned RUSTSEC-2025-0067 to libyml, RUSTSEC-2025-0068 to serde_yml 2025-09-12 09:28:19 +02:00
John Vandenberg
be91e0d2f1 explain why the alternatives are mentioned 2025-09-12 09:10:27 +02:00
John Vandenberg
0d8252e9c4 mark both unsound 2025-09-12 09:10:27 +02:00
John Vandenberg
d04d1eb6aa Add unmaintained libyml and serde_yml 2025-09-12 09:10:27 +02:00
djc
84eeae67d4 Assigned RUSTSEC-2021-0154 to fuser 2025-09-12 09:09:22 +02:00
Alik Aslanyan
de3ef76432 Add advisory for fuser 2025-09-12 09:08:39 +02:00
djc
9097f1eb5e Assigned RUSTSEC-2025-0066 to google-apis-common 2025-09-11 18:34:38 +02:00
Sebastian Thiel
d7693e2a26 Add advisory (deprecated) for google-apis-common 
All directly dependent crates are superseded by `google-cloud-rust`
 2025-09-11 18:33:55 +02:00
djc
632cf0305c Assigned RUSTSEC-2025-0065 to matrix-sdk-base 2025-09-11 14:21:52 +02:00
Dirkjan Ochtman
168390e0da Fix candidate advisory ID 2025-09-11 14:21:19 +02:00
Damir Jelić
2344133159 Add CVE-2025-59047 for matrix-sdk-base (#2401) 2025-09-11 14:10:54 +02:00
djc
1e25ffc23b Assigned RUSTSEC-2025-0064 to wren_rust 2025-09-11 09:03:09 +02:00
John Vandenberg
5756e1e8d9 Fix unaffected for RUSTSEC-2024-0376.md 2025-09-11 09:02:22 +02:00
Shihao Xia
63911f592a wren_rust init 2025-09-11 09:01:15 +02:00
djc
4502646ddd Assigned RUSTSEC-2025-0063 to fast-able 2025-09-11 08:59:56 +02:00
Shihao Xia
e149034a49 fast-able possible unsound public API (#2287) 2025-09-11 08:58:33 +02:00
djc
b8a3db1f9c Assigned RUSTSEC-2025-0062 to toodee 2025-09-08 11:12:38 +02:00
George Androutsopoulos
6c259b061a Buffer Overflow in toodee DrainCol destructor (#2325) 
Co-authored-by: Georgios Androutsopoulos <georgeandrout@gamac.local>
 2025-09-08 11:10:32 +02:00
djc
990d59460b Assigned RUSTSEC-2025-0059 to servo-fontconfig, RUSTSEC-2025-0060 to crypto-hash, RUSTSEC-2025-0061 to iron 2025-09-08 11:09:54 +02:00
John Vandenberg
8251d4843b Add unmaintained advisory for iron 2025-09-08 11:08:47 +02:00
John Vandenberg
412b34dba3 Add unmaintained advisory for crypto-hash 2025-09-08 11:05:31 +02:00
John Vandenberg
0b87b239ac Add unmaintained advisory for servo-fontconfig 2025-09-08 11:04:20 +02:00
djc
6366de025d Assigned RUSTSEC-2025-0058 to custom_derive 2025-09-07 10:38:20 +02:00
John Vandenberg
15591dc0c7 Add unmaintained advisory for custom_derive 2025-09-07 08:18:03 +02:00
djc
d6c6489daf Assigned RUSTSEC-2025-0057 to fxhash 2025-09-05 21:09:01 +02:00
Sam
dbaedaed96 Add advisory for unmaintained fxhash crate 2025-09-05 21:02:11 +02:00
djc
01f8f6b36e Assigned RUSTSEC-2025-0056 to adler 2025-09-05 11:05:48 +02:00
John Vandenberg
0feb7c883b Add unmaintained advisory for adler 2025-09-05 10:55:15 +02:00
djc
20a8af2bdc Assigned RUSTSEC-2025-0055 to tracing-subscriber 2025-09-02 13:05:02 +02:00
Eli Wenig
6ba91d3fd4 add CVE-2025-58160 details to tracing-subscriber (#2377) 2025-09-02 13:04:04 +02:00
djc
97dec1d752 Assigned RUSTSEC-2025-0054 to array-queue 2025-09-01 14:55:53 +02:00
George Androutsopoulos
ad75531bdb The API ArrayQueue::push_front is not panic-safe (#2363) 
* ArrayQueue::push_front is not panic-safe

* Add patch info

---------

Co-authored-by: Georgios Androutsopoulos <georgeandrout@gamac.local>
 2025-09-01 14:54:09 +02:00
djc
ed23fda8bc Assigned RUSTSEC-2025-0053 to arenavec 2025-09-01 09:59:00 +02:00
George Androutsopoulos
835b4f6331 Multiple memory corruption vulnerabilities in arenavec (#2364) 
Co-authored-by: Georgios Androutsopoulos <georgeandrout@gamac.local>
 2025-09-01 09:58:09 +02:00
John Vandenberg
01ca7adeec Remove unaffected from RUSTSEC-2020-0095.md 2025-08-30 08:09:56 +02:00