Vulnerability Library

search
ID
Packages
Summary
Affected versions
Published
Fix
GHSA-3rcq-39xp-7xjp
  • crates.io/ic-stable-structures
 ic-stable-structures vulnerable to BTreeMap memory leak when deallocating nodes with overflows
  • See details.
 2024-05-21T14:49:48Z Fix available
GHSA-9328-gcfq-p269
  • crates.io/arti
  • crates.io/tor-circmgr
 Tor Arti's STUB circuits incorrectly have a length of 2
  • 1.2.2
  • 0.18.0
 2024-05-18T00:30:42Z Fix available
GHSA-c96h-cxx6-rmg9
  • crates.io/tor-circmgr
  • crates.io/arti
 Tor path lengths too short when "full Vanguards" configured
  • 0.18.0
  • 1.2.2
 2024-05-18T00:30:42Z Fix available
RUSTSEC-2024-0339
  • crates.io/tor-circmgr
 Tor path lengths too short when "Vanguards lite" configured
  • See details.
 2024-05-15T12:00:00Z Fix available
RUSTSEC-2024-0340
  • crates.io/tor-circmgr
 Tor path lengths too short when "full Vanguards" configured
  • See details.
 2024-05-15T12:00:00Z Fix available
GHSA-9ggc-845v-gcgv
  • crates.io/matrix-sdk-crypto
 matrix-sdk-crypto contains a log exposure of private key of the server-side key backup
  • 0.7.0
 2024-05-13T16:04:37Z Fix available
GHSA-f3h7-gpjj-wcvh
  • crates.io/spin-sdk
 Spin applications with specific configuration vulnerable to potential network sandbox escape
  • See details.
 2024-05-08T17:50:49Z Fix available
GHSA-23rx-c3g5-hv9w
  • crates.io/deno
 Deno permission escalation vulnerability via open of privileged files with missing `--deny` flag
  • See details.
 2024-05-08T14:33:16Z Fix available
GHSA-c3hm-hxwf-g5c6
  • crates.io/vodozemac
 vodozemac has degraded secret zeroization capabilities
  • See details.
 2024-05-03T19:34:07Z Fix available
RUSTSEC-2024-0342
  • crates.io/vodozemac
 Degraded secret zeroization capabilities
  • See details.
 2024-05-02T12:00:00Z Fix available
GHSA-q9p4-hw9m-fj2v
  • crates.io/apollo-router
 Apollo Router vulnerable to Critical Regression In Query Plan Cache
  • See details.
 2024-05-02T08:20:00Z Fix available
GHSA-3999-5ffv-wp2r
  • crates.io/yamux
 Yamux Memory Exhaustion Vulnerability via Active::pending_frames property
  • See details.
 2024-05-01T16:40:49Z Fix available
GHSA-rwfq-v4hq-h7fg
  • crates.io/static-web-server
 static-web-server vulnerable to stored Cross-site Scripting in directory listings via file names
  • See details.
 2024-05-01T16:39:24Z Fix available
GHSA-8724-5xmm-w5xq
  • crates.io/cosmwasm-std
 CosmWasm affected by arithmetic overflows
  • See details.
 2024-04-24T17:37:59Z Fix available
RUSTSEC-2024-0338
  • crates.io/cosmwasm-std
 Arithmetic overflows in cosmwasm-std
  • See details.
 2024-04-24T12:00:00Z Fix available
RUSTSEC-2024-0337
  • crates.io/zip_next
 The crate `zip_next` has been renamed to `zip`.
  • See details.
 2024-04-20T12:00:00Z No fix available
Load more...