Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-3g92-f9ch-qjcm
  • crates.io/p3-symmetric
 Plonky3: The sponge construction used to get a hash function from a cryptographic permutation is not collision resistant for inputs of different lengths 7 hours ago
  • No fix available
  • Severity - 2.9 (Low)
GHSA-xgp8-3hg3-c2mh
  • crates.io/rustls-webpki
 webpki: Name constraints were accepted for certificates asserting a wildcard name 8 hours ago
  • Fix available
  • Severity - 2.2 (Low)
GHSA-965h-392x-2mh5
  • crates.io/rustls-webpki
 webpki: Name constraints for URI names were incorrectly accepted 8 hours ago
  • Fix available
  • Severity - 2.2 (Low)
GHSA-xphw-cqx3-667j
  • crates.io/thin-vec
 thin-vec: Use-After-Free and Double Free in IntoIter::drop When Element Drop Panics yesterday
  • Fix available
  • Severity - 7.3 (High)
RUSTSEC-2026-0098
  • crates.io/rustls-webpki
 Name constraints for URI names were incorrectly accepted 2 days ago
  • Fix available
RUSTSEC-2026-0099
  • crates.io/rustls-webpki
 Name constraints were accepted for certificates asserting a wildcard name 2 days ago
  • Fix available
GHSA-cq8v-f236-94qc
  • crates.io/rand
 Rand is unsound with a custom logger using rand::rng() 3 days ago
  • Fix available
GHSA-63x8-x938-vx33
  • crates.io/sp1_prover
  • crates.io/sp1_recursion_circuit
  • crates.io/sp1_sdk
 SP1 V6 Recursion Circuit Row-Count Binding Gap 3 days ago
  • Fix available
  • Severity - 8.9 (High)
GHSA-48m6-486p-9j8p
  • crates.io/nimiq-consensus
 nimiq-consensus panics via RequestMacroChain micro-block locator 3 days ago
  • No fix available
  • Severity - 5.3 (Medium)
RUSTSEC-2026-0100
  • crates.io/pretty-changelog-logger
 `pretty-changelog-logger` was removed from crates.io for malicious code 3 days ago
  • No fix available
RUSTSEC-2026-0101
  • crates.io/safe-agent-rs
 `safe-agent-rs` was removed from crates.io for being affiliated with malicious code 3 days ago
  • No fix available
RUSTSEC-2026-0102
  • crates.io/microsoftsystem64
 `microsoftsystem64` was removed from crates.io for malicious code 3 days ago
  • No fix available
GHSA-49xc-52mp-cc9j
  • crates.io/nimiq-blockchain
 nimiq-blockchain is missing a wall-clock upper bound on block timestamps 6 days ago
  • No fix available
  • Severity - 9.1 (Critical)
GHSA-f984-pcp8-v2p7
  • crates.io/wasmtime
 Wasmtime has improperly masked return value from `table.grow` with Winch compiler backend 6 days ago
  • Fix available
  • Severity - 6.1 (Medium)
GHSA-xx5w-cvp6-jv83
  • crates.io/wasmtime
 Wasmtime with Winch compiler backend on aarch64 may allow a sandbox-escaping memory access 6 days ago
  • Fix available
  • Severity - 9.2 (Critical)
GHSA-394w-hwhg-8vgm
  • crates.io/wasmtime
 Wasmtime has out-of-bounds write or crash when transcoding component model strings 09 Apr
  • Fix available
  • Severity - 6.1 (Medium)
Load more...