Vulnerability Library

| ID | Packages | Summary | Affected versions | Published | Fix |
| --- | --- | --- | --- | --- | --- |
| GHSA-c3hm-hxwf-g5c6 | crates.io/vodozemac | vodozemac has degraded secret zeroization capabilities | See details. | 2024-05-03T19:34:07Z | Fix available |
| GHSA-q9p4-hw9m-fj2v | crates.io/apollo-router | Apollo Router vulnerable to Critical Regression In Query Plan Cache | See details. | 2024-05-02T08:20:00Z | Fix available |
| GHSA-3999-5ffv-wp2r | crates.io/yamux | Yamux Memory Exhaustion Vulnerability via Active::pending_frames property | See details. | 2024-05-01T16:40:49Z | Fix available |
| GHSA-rwfq-v4hq-h7fg | crates.io/static-web-server | static-web-server vulnerable to stored Cross-site Scripting in directory listings via file names | See details. | 2024-05-01T16:39:24Z | Fix available |
| GHSA-8724-5xmm-w5xq | crates.io/cosmwasm-std | CosmWasm affected by arithmetic overflows | See details. | 2024-04-24T17:37:59Z | Fix available |
| RUSTSEC-2024-0338 | crates.io/cosmwasm-std | Arithmetic overflows in cosmwasm-std | See details. | 2024-04-24T12:00:00Z | Fix available |
| RUSTSEC-2024-0337 | crates.io/zip_next | The crate `zip_next` has been renamed to `zip`. | See details. | 2024-04-20T12:00:00Z | No fix available |
| GHSA-6g7w-8wpp-frhj | crates.io/rustls | Infinite loop in rustls::conn::ConnectionCommon::complete_io() with proper client input | 0.20 | 2024-04-19T19:46:57Z | Fix available |
| RUSTSEC-2024-0336 | crates.io/rustls | `rustls::ConnectionCommon::complete_io` could fall into an infinite loop based on network input | See details. | 2024-04-19T12:00:00Z | Fix available |
| GHSA-98p4-xjmm-8mfh | crates.io/gix-transport, crates.io/gix, crates.io/gitoxide | gix-transport indirect code execution via malicious username | See details. | 2024-04-15T19:33:03Z | Fix available |
| RUSTSEC-2024-0335 | crates.io/gix-transport | gix-transport indirect code execution via malicious username | See details. | 2024-04-13T12:00:00Z | Fix available |
| RUSTSEC-2024-0333 | crates.io/rsa-export | `rsa-export` is unmaintained | See details. | 2024-04-06T12:00:00Z | No fix available |
| GHSA-mc39-h54g-pvw6 | crates.io/libdav1d-sys | libdav1d-sys affected by dav1d AV1 decoder integer overflow | See details. | 2024-04-05T15:42:39Z | Fix available |
| GHSA-5gmm-6m36-r7jh | crates.io/transpose | transpose: Buffer overflow due to integer overflow | See details. | 2024-04-05T15:41:34Z | Fix available |
| GHSA-xfhw-6mc4-mgxf | crates.io/crayon | crayon: ObjectPool creates uninitialized memory when freeing objects | See details. | 2024-04-05T15:40:40Z | No fix available |
| GHSA-w5w5-8vfh-xcjq | crates.io/whoami | whoami stack buffer overflow on several Unix platforms | See details. | 2024-04-05T15:39:19Z | Fix available |