Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-qhp6-635j-x7r2
  • crates.io/static-web-server
 Static Web Server affected by timing-based username enumeration in Basic Authentication due to early response on invalid usernames 3 days ago
  • Fix available
  • Severity - 5.3 (Medium)
RUSTSEC-2026-0016
  • crates.io/polymarkets-rs-clob-client
 `polymarkets-rs-clob-client` was removed from crates.io for malicious code 3 days ago
  • No fix available
RUSTSEC-2026-0017
  • crates.io/clob-sdk
 `clob-sdk` was removed from crates.io for malicious code 3 days ago
  • No fix available
GHSA-hmh4-3xvx-q5hr
  • crates.io/deno
 Deno has a Command Injection via Incomplete shell metacharacter blocklist in node:child_process 4 days ago
  • Fix available
  • Severity - 8.1 (High)
GHSA-47qc-857f-7w7f
  • crates.io/pyo3
 PyO3 has type confusion when accessing data from sublasses of subclasses of native types with `abi3` feature 4 days ago
  • Fix available
  • Severity - 7.2 (High)
GHSA-3288-p39f-rqpv
  • crates.io/keccak
 Unsoundness in opt-in ARMv8 assembly backend for `keccak` 4 days ago
  • Fix available
  • Severity - 0.5 (Low)
RUSTSEC-2026-0014
  • crates.io/rpc-check
 `rpc-check` was removed from crates.io for malicious code 4 days ago
  • No fix available
RUSTSEC-2026-0015
  • crates.io/polymarkets-client-sdk
 `polymarkets-client-sdk` was removed from crates.io for malicious code 4 days ago
  • No fix available
RUSTSEC-2026-0013
  • crates.io/pyo3
 Type confusion when accessing data from sublasses of subclasses of native types with `abi3` feature targeting Python 3.12 and up 5 days ago
  • Fix available
GHSA-7v42-g35v-xrch
  • crates.io/httpsig-hyper
 Improper Digest Verification in httpsig-hyper May Allow Message Integrity Bypass 5 days ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-4chv-4c6w-w254
  • crates.io/soroban-sdk-macros
 The rs-soroban-sdk #[contractimpl] macro calls inherent function instead of trait function when names collide 5 days ago
  • Fix available
  • Severity - 7.5 (High)
GHSA-p5vf-5754-x7p3
  • crates.io/polymarket-client-sdks
 `polymarket-client-sdks` was removed from crates.io for malicious code 13 Feb
  • No fix available
GHSA-c7ph-f7jm-xv4w
  • crates.io/pgp
 rPGP's integrity protection of encrypted data was not always checked 13 Feb
  • Fix available
  • Severity - 6.3 (Medium)
GHSA-8h58-w33p-wq3g
  • crates.io/pgp
 rPGP affected by crash in message handling for deeply nested messages 13 Feb
  • Fix available
  • Severity - 8.7 (High)
GHSA-7587-4wv6-m68m
  • crates.io/pgp
 rPGP vulnerable to parser crash on crafted RSA secret key packets through CVE-2026-21895 13 Feb
  • Fix available
  • Severity - 8.7 (High)
GHSA-g433-pq76-6cmf
  • crates.io/hpke-rs
  • crates.io/hpke-rs-rust-crypto
 Bug fixes in hpke-rs, hpke-rs-rust-crypto 13 Feb
  • Fix available
Load more...