Vulnerability Database
Blog
FAQ
Docs
Vulnerability Library
search
All ecosystems
149391
AlmaLinux
3014
Alpine
3485
Android
898
Bitnami
4275
Chainguard
13046
CRAN
10
crates.io
1403
Debian
16400
GIT
29014
GitHub Actions
16
Go
2579
Hackage
18
Hex
30
Linux
13573
Maven
4967
npm
17840
NuGet
1334
OSS-Fuzz
3372
Packagist
3948
Pub
8
PyPI
13756
Rocky Linux
1315
RubyGems
1585
SwiftURL
31
Ubuntu
5337
Wolfi
8137
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-vx24-x4mv-vwr5
crates.io/starship
Starship vulnerable to shell injection via undocumented, unpredictable shell expansion in custom commands
5 hours ago
Fix available
Severity - 7.4 (High)
GHSA-66fw-43h8-f8p3
crates.io/xmp_toolkit
XMP Toolkit's `XmpFile::close` can trigger undefined behavior
5 hours ago
Fix available
RUSTSEC-2024-0360
crates.io/xmp_toolkit
`XmpFile::close` can trigger UB
15 hours ago
Fix available
GHSA-cx7h-h87r-jpgr
crates.io/gix-attributes
The kstring integration in gix-attributes is unsound
yesterday
Fix available
RUSTSEC-2024-0359
crates.io/gix-attributes
The kstring integration in gix-attributes is unsound
2 days ago
Fix available
GHSA-c2hf-vcmr-qjrf
crates.io/object_store
Apache Arrow Rust Object Store: AWS WebIdentityToken exposure in log files
3 days ago
Fix available
Severity - 4.8 (Medium)
RUSTSEC-2024-0358
crates.io/object_store
Apache Arrow Rust Object Store: AWS WebIdentityToken exposure in log files
3 days ago
Fix available
Severity - 3.8 (Low)
GHSA-q445-7m23-qrmw
crates.io/openssl
openssl's `MemBio::get_buf` has undefined behavior with empty buffers
4 days ago
Fix available
Severity - 6.9 (Medium)
RUSTSEC-2024-0357
crates.io/openssl
`MemBio::get_buf` has undefined behavior with empty buffers
5 days ago
Fix available
GHSA-4qg4-cvh2-crgg
crates.io/matrix-sdk-crypto
matrix-sdk-crypto's `UserIdentity::is_verified` not checking verification status of own user identity while performing the check
18 Jul
Fix available
Severity - 6.3 (Medium)
GHSA-mgvv-9p9g-3jv4
crates.io/gix-path
gix-path can use a fake program files location
18 Jul
Fix available
Severity - 8.6 (High)
RUSTSEC-2024-0355
crates.io/gix-path
gix-path can use a fake program files location
18 Jul
Fix available
Severity - 6.8 (Medium)
RUSTSEC-2024-0356
crates.io/matrix-sdk-crypto
`UserIdentity::is_verified` not checking verification status of own user identity while performing the check
18 Jul
Fix available
GHSA-j8cm-g7r6-hfpq
crates.io/vodozemac
vodozemac's usage of non-constant time base64 decoder could lead to leakage of secret key material
17 Jul
Fix available
Severity - 6.3 (Medium)
RUSTSEC-2024-0354
crates.io/vodozemac
Usage of non-constant time base64 decoder could lead to leakage of secret key material
17 Jul
Fix available
GHSA-5xgj-pmjj-gw49
crates.io/risc0-zkvm
RISC Zero zkVM notes on zero-knowledge
15 Jul
No fix available
Load more...
crates.io - OSV