Vulnerability Library

ID
Packages
Summary
Affected versions
Published
Fix
GHSA-55f3-3qvg-8pv5
  • crates.io/wasmer
Symlink bypasses filesystem sandbox
  • See details.
2024-06-07T19:40:00Z No fix available
GHSA-52xf-5p2m-9wrv
  • crates.io/s2n-tls
s2n-tls has a potentially observable differences in RSA premaster secret handling
  • See details.
2024-06-06T14:26:18Z Fix available
GHSA-9hc7-6w9r-wj94
  • crates.io/nano-id
Unable to generate the correct character set
  • See details.
2024-06-04T18:40:34Z Fix available
GHSA-2hfw-w739-p7x5
  • crates.io/nano-id
nano-id reduced entropy due to inadequate character set usage
  • See details.
2024-06-04T17:49:18Z Fix available
RUSTSEC-2024-0343
  • crates.io/nano-id
Reduced entropy due to inadequate character set usage
  • See details.
2024-06-03T12:00:00Z Fix available
GHSA-xcr2-h8hv-6227
  • crates.io/qdrant
qdrant is vulnerable to path traversal due to improper input validation in the `/collections/{name}/snapshots/upload` endpoint
  • 1.9.0-dev
2024-06-02T22:30:10Z Fix available
GHSA-57fm-592m-34r7
  • crates.io/tauri
iFrames Bypass Origin Checks for Tauri API Access Control
  • See details.
2024-05-23T14:11:24Z Fix available
GHSA-49jc-r788-3fc9
  • crates.io/gix-worktree-state
  • crates.io/gitoxide
  • crates.io/gix-worktree
  • crates.io/gitoxide-core
  • crates.io/gix
  • crates.io/gix-fs
  • crates.io/gix-ref
  • crates.io/gix-index
gix refs and paths with reserved Windows device names access the devices
  • See details.
2024-05-22T14:13:24Z Fix available
GHSA-7w47-3wg8-547c
  • crates.io/gix-worktree-state
  • crates.io/gitoxide
  • crates.io/gix-fs
  • crates.io/gix-worktree
  • crates.io/gix
  • crates.io/gitoxide-core
  • crates.io/gix-index
gix traversal outside working tree enables arbitrary code execution
  • See details.
2024-05-22T14:05:58Z Fix available
GHSA-3rcq-39xp-7xjp
  • crates.io/ic-stable-structures
ic-stable-structures vulnerable to BTreeMap memory leak when deallocating nodes with overflows
  • See details.
2024-05-21T14:49:48Z Fix available
GHSA-9328-gcfq-p269
  • crates.io/arti
  • crates.io/tor-circmgr
Tor Arti's STUB circuits incorrectly have a length of 2
  • 1.2.2
  • 0.18.0
2024-05-18T00:30:42Z Fix available
GHSA-c96h-cxx6-rmg9
  • crates.io/tor-circmgr
  • crates.io/arti
Tor path lengths too short when "full Vanguards" configured
  • 0.18.0
  • 1.2.2
2024-05-18T00:30:42Z Fix available
RUSTSEC-2024-0339
  • crates.io/tor-circmgr
Tor path lengths too short when "Vanguards lite" configured
  • See details.
2024-05-15T12:00:00Z Fix available
RUSTSEC-2024-0340
  • crates.io/tor-circmgr
Tor path lengths too short when "full Vanguards" configured
  • See details.
2024-05-15T12:00:00Z Fix available
GHSA-9ggc-845v-gcgv
  • crates.io/matrix-sdk-crypto
matrix-sdk-crypto contains a log exposure of private key of the server-side key backup
  • 0.7.0
2024-05-13T16:04:37Z Fix available
GHSA-f3h7-gpjj-wcvh
  • crates.io/spin-sdk
Spin applications with specific configuration vulnerable to potential network sandbox escape
  • See details.
2024-05-08T17:50:49Z Fix available