rustsec/advisory-db
1
0
Fork 0
mirror of https://github.com/rustsec/advisory-db.git synced 2025-12-27 01:54:07 -05:00
Code Issues Packages Projects Releases Wiki Activity
2,640 Commits 21 Branches 0 Tags
5e1c750868f17672874798e41380c89c997d74a5
Commit Graph

2640 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alexander Kjäll
5e1c750868 coreos-installer: add information about CVE-2021-20319 2025-12-21 14:40:56 +01:00
djc
87549c0d5e Assigned RUSTSEC-2024-0445 to cap-primitives 2025-12-19 22:01:24 +01:00
Alexander Kjäll
db2de00b5a cap-primitives: add information about CVE-2024-51756 2025-12-19 21:55:32 +01:00
djc
bfd4f4f3eb Assigned RUSTSEC-2024-0444 to boa_engine 2025-12-19 07:15:15 +01:00
Alexander Kjäll
b3afca3482 boa_engine: add information about CVE-2024-43357 2025-12-18 23:13:05 +01:00
Alexander Kjäll
915d476874 change a 'for' to a 'from' 2025-12-17 21:38:56 +01:00
Dirkjan Ochtman
15bad38b93 Set expect-deleted flag for rustdecimal and vec-const 2025-12-17 18:06:41 +01:00
Dirkjan Ochtman
4be8c79200 Upgrade to latest rustsec-admin 2025-12-17 18:06:41 +01:00
djc
4384743abd Synchronize IDs (2025-12-17) 2025-12-17 07:01:32 +01:00
dependabot[bot]
2d254c1fad Bump actions/checkout from 6.0.0 to 6.0.1 
Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](1af3b93b68...8e8c483db8)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-15 16:07:57 +01:00
djc
a5541c13c7 Assigned RUSTSEC-2025-0136 to sequoia-openpgp 2025-12-15 14:02:19 +01:00
Alexander Kjäll
3b5c457440 Create advisory for CVE-2025-67897 in sequoia-pgp (#2511) 2025-12-15 13:59:31 +01:00
Dirkjan Ochtman
d0bdb37b2b Link to reference documentation on available categories 2025-12-11 16:11:05 +01:00
Dirkjan Ochtman
eb1f940aab Add missing fields in example advisory 2025-12-11 16:11:05 +01:00
djc
6b4a28c720 Assigned RUSTSEC-2025-0135 to matrix-sdk-base 2025-12-08 13:23:54 +01:00
Damir Jelić
3cb5be8c9c Add CVE-2025-66622 for matrix-sdk-base 2025-12-08 12:55:44 +01:00
djc
30472d9594 Synchronize IDs (2025-12-06) 2025-12-06 08:36:56 +01:00
djc
5d6f7fbf10 Assigned RUSTSEC-2025-0134 to rustls-pemfile 2025-12-05 20:07:24 +01:00
Dirkjan Ochtman
76e5be41d5 Declare rustls-pemfile to be unmaintained 2025-12-05 20:01:15 +01:00
djc
f414b4d1ff Assigned RUSTSEC-2025-0133 to libcrux-intrinsics 2025-12-04 15:23:19 +01:00
Joe Birr-Pixton
0be109e37c Add libcrux-intrinsics bug 2025-12-04 14:46:29 +01:00
djc
684d3355d0 Synchronize IDs (2025-12-02) 2025-12-02 07:03:09 +01:00
dependabot[bot]
6c3549ab50 Bump peter-evans/create-pull-request from 7.0.8 to 7.0.9 
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 7.0.8 to 7.0.9.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](271a8d0340...84ae59a2cd)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-version: 7.0.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-01 16:51:50 +01:00
dependabot[bot]
d7e08cf6cb Bump actions/checkout from 5.0.0 to 6.0.0 
Bumps [actions/checkout](https://github.com/actions/checkout) from 5.0.0 to 6.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](08c6903cd8...1af3b93b68)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-01 16:46:36 +01:00
Callum Oakley
4ea955aed4 withdraw RUSTSEC-2025-0120: json5 is now maintained 2025-11-30 01:15:16 +01:00
djc
6901f3cd08 Assigned RUSTSEC-2025-0132 to maxminddb 2025-11-29 09:52:04 +01:00
Paolo Barbolini
c6de858b85 Add maxminddb mmap unsoundness advisory 2025-11-29 09:17:39 +01:00
djc
0071343468 Assigned RUSTSEC-2025-0131 to rtvm-interpreter 2025-11-28 14:44:25 +01:00
Shihao Xia
382e627612 Rtvm unsound API (#2451) 2025-11-28 14:43:10 +01:00
Markus Pettersson
90c47c2196 Update RUSTSEC-2025-0126 (#2488) 
Add patched version number to RUSTSEC-2025-0126.
 2025-11-27 22:53:33 +01:00
djc
cc3c393dba Synchronize IDs (2025-11-26) 2025-11-26 07:00:45 +01:00
djc
f5fdfe73c0 Assigned RUSTSEC-2025-0129 to cggmp21, RUSTSEC-2025-0130 to cggmp24 2025-11-25 12:10:55 +01:00
Denis Varlakov
826f224270 Report cggmp21 missing check vulnerability (#2481) 
Signed-off-by: Denis Varlakov <denis@dfns.co>
 2025-11-25 12:10:07 +01:00
djc
01b3e86c7a Assigned RUSTSEC-2025-0127 to cggmp21, RUSTSEC-2025-0128 to cggmp24 2025-11-25 12:09:13 +01:00
Denis Varlakov
6f321e3eea Attack on cggmp21 presignatures (#2482) 
Signed-off-by: Denis Varlakov <denis@dfns.co>
 2025-11-25 12:08:12 +01:00
djc
d7c9a1cb46 Assigned RUSTSEC-2025-0126 to nftnl 2025-11-25 10:40:00 +01:00
cuiwenhao123
9a0cd558a6 Add RUSTSEC for nftnl 2025-11-25 10:38:36 +01:00
John Vandenberg
f2c79ffdfa Use CVSS 3.1 for RUSTSEC-2025-0125 2025-11-22 13:29:36 +01:00
René Kijewski
2341ae6396 Fix typo in RUSTSEC-2025-0123 2025-11-22 12:56:30 +01:00
djc
594ee9d61e Assigned RUSTSEC-2025-0125 to thread-amount 2025-11-22 10:03:20 +01:00
jez
0e3044b85e Add advisory for memory leak in thread-amount < 0.2.2 (#2476) 2025-11-22 10:02:31 +01:00
Carol (Nichols || Goulding)
0c6f0bb552 Missing "r" in "rand_os" (#2475) 2025-11-19 21:48:42 +01:00
djc
01aa671a67 Assigned RUSTSEC-2025-0123 to opentelemetry-jaeger, RUSTSEC-2025-0124 to rand_os 2025-11-18 13:07:07 +01:00
John Vandenberg
c859f165be Mark rand_os as unmaintained (#2462) 2025-11-18 13:04:16 +01:00
John Vandenberg
7bd998af49 Mark opentelemetry-jaeger unmaintained (#2464) 2025-11-18 13:03:19 +01:00
djc
6799e5dea9 Assigned RUSTSEC-2025-0122 to cargo-asm 2025-11-18 10:02:31 +01:00
John Vandenberg
7ab0d68666 Mark cargo-asm unmaintained 2025-11-18 10:01:40 +01:00
djc
281529337d Assigned RUSTSEC-2025-0121 to gcc 2025-11-18 09:52:10 +01:00
John Vandenberg
3c3a36e967 Mark gcc unmaintained 2025-11-18 09:48:37 +01:00
djc
de3adb7264 Assigned RUSTSEC-2025-0120 to json5 2025-11-18 09:21:57 +01:00