Vulnerability Library

ID
Packages
Summary
Affected versions
Published
Fix
GHSA-57fm-592m-34r7
  • crates.io/tauri
iFrames Bypass Origin Checks for Tauri API Access Control
  • See details.
2024-05-23T14:11:24Z Fix available
GHSA-49jc-r788-3fc9
  • crates.io/gix-worktree-state
  • crates.io/gitoxide
  • crates.io/gix-worktree
  • crates.io/gitoxide-core
  • crates.io/gix
  • crates.io/gix-fs
  • crates.io/gix-ref
  • crates.io/gix-index
gix refs and paths with reserved Windows device names access the devices
  • See details.
2024-05-22T14:13:24Z Fix available
GHSA-7w47-3wg8-547c
  • crates.io/gix-worktree-state
  • crates.io/gitoxide
  • crates.io/gix-fs
  • crates.io/gix-worktree
  • crates.io/gix
  • crates.io/gitoxide-core
  • crates.io/gix-index
gix traversal outside working tree enables arbitrary code execution
  • See details.
2024-05-22T14:05:58Z Fix available
GHSA-3rcq-39xp-7xjp
  • crates.io/ic-stable-structures
ic-stable-structures vulnerable to BTreeMap memory leak when deallocating nodes with overflows
  • See details.
2024-05-21T14:49:48Z Fix available
GHSA-9328-gcfq-p269
  • crates.io/arti
  • crates.io/tor-circmgr
Tor Arti's STUB circuits incorrectly have a length of 2
  • 1.2.2
  • 0.18.0
2024-05-18T00:30:42Z Fix available
GHSA-c96h-cxx6-rmg9
  • crates.io/tor-circmgr
  • crates.io/arti
Tor path lengths too short when "full Vanguards" configured
  • 0.18.0
  • 1.2.2
2024-05-18T00:30:42Z Fix available
RUSTSEC-2024-0339
  • crates.io/tor-circmgr
Tor path lengths too short when "Vanguards lite" configured
  • See details.
2024-05-15T12:00:00Z Fix available
RUSTSEC-2024-0340
  • crates.io/tor-circmgr
Tor path lengths too short when "full Vanguards" configured
  • See details.
2024-05-15T12:00:00Z Fix available
GHSA-9ggc-845v-gcgv
  • crates.io/matrix-sdk-crypto
matrix-sdk-crypto contains a log exposure of private key of the server-side key backup
  • 0.7.0
2024-05-13T16:04:37Z Fix available
GHSA-f3h7-gpjj-wcvh
  • crates.io/spin-sdk
Spin applications with specific configuration vulnerable to potential network sandbox escape
  • See details.
2024-05-08T17:50:49Z Fix available
GHSA-23rx-c3g5-hv9w
  • crates.io/deno
Deno permission escalation vulnerability via open of privileged files with missing `--deny` flag
  • See details.
2024-05-08T14:33:16Z Fix available
GHSA-c3hm-hxwf-g5c6
  • crates.io/vodozemac
vodozemac has degraded secret zeroization capabilities
  • See details.
2024-05-03T19:34:07Z Fix available
RUSTSEC-2024-0342
  • crates.io/vodozemac
Degraded secret zeroization capabilities
  • See details.
2024-05-02T12:00:00Z Fix available
GHSA-q9p4-hw9m-fj2v
  • crates.io/apollo-router
Apollo Router vulnerable to Critical Regression In Query Plan Cache
  • See details.
2024-05-02T08:20:00Z Fix available
GHSA-3999-5ffv-wp2r
  • crates.io/yamux
Yamux Memory Exhaustion Vulnerability via Active::pending_frames property
  • See details.
2024-05-01T16:40:49Z Fix available
GHSA-rwfq-v4hq-h7fg
  • crates.io/static-web-server
static-web-server vulnerable to stored Cross-site Scripting in directory listings via file names
  • See details.
2024-05-01T16:39:24Z Fix available