crates.io

GHSA-67r5-rqwv-9p9q

crates.io/array-init-cursor

array-init-cursor is unsound when used with types that implement `Drop`

13 hours ago

Fix available
Severity - 2.9 (Low)

GHSA-j8x2-777p-23fc

crates.io/tough

tough cyclic delegation graphs are not detected

3 days ago

Fix available
Severity - 2.7 (Low)

GHSA-v4wr-j3w6-mxqc

crates.io/tough

tough terminating targets role delegations are not respected

3 days ago

Fix available
Severity - 5.7 (Medium)

GHSA-5vmp-m5v2-hx47

crates.io/tough

tough root metadata version is not checked for sequential versioning

3 days ago

Fix available
Severity - 5.7 (Medium)

GHSA-76g3-38jv-wxh4

crates.io/tough

tough timestamp metadata is cached when it fails snapshot rollback check

3 days ago

Fix available
Severity - 5.7 (Medium)

GHSA-q6r9-r9pw-4cf7

crates.io/tough

tough failure to detect delegated target rollback

3 days ago

Fix available
Severity - 5.7 (Medium)

RUSTSEC-2025-0019

crates.io/array-init-cursor

`array-init-cursor` in version 0.2.0 and below is unsound when used with types that implement `Drop`

4 days ago

Fix available

GHSA-9cc5-2pq7-hfj8

crates.io/xmas-elf

xmas-elf potential out-of-bounds read with a malformed ELF file and the HashTable API.

5 days ago

Fix available
Severity - 6.9 (Medium)

RUSTSEC-2025-0018

crates.io/xmas-elf

Potential out-of-bounds read with a malformed ELF file and the HashTable API.

5 days ago

Fix available

GHSA-fc83-9jwq-gc2m

crates.io/web-push

Web Push Denial of Service via malicious Web Push endpoint

24 Mar

Fix available
Severity - 6.9 (Medium)

GHSA-vgmh-mqm4-8j88

crates.io/pared

pared Vulnerable to Use After Free in `Parc` and `Prc` Due to Missing Lifetime Constraints

24 Mar

Fix available
Severity - 6.8 (Medium)

RUSTSEC-2025-0017

crates.io/trust-dns-proto

The `trust-dns` project has been rebranded to `hickory-dns`

23 Mar

No fix available

GHSA-g8vq-v3mg-7mrg

crates.io/redlib

Redlib allows a Denial of Service via DEFLATE Decompression Bomb in restore_preferences Form

21 Mar

Fix available
Severity - 8.7 (High)

GHSA-5w4j-f78p-4wh9

crates.io/libcontainer

Libcontainer is affected by capabilities elevation similar to GHSA-f3fp-gc8g-vw66

21 Mar

Fix available
Severity - 5.9 (Medium)

GHSA-cg8r-jwg7-r2x4

crates.io/cosmwasm

CosmWasm Allows Bypass of Capability Restrictions in Blockchains

18 Mar

Fix available
Severity - 5.3 (Medium)

GHSA-94vh-gphv-8pm8

crates.io/zip

zip Incorrectly Canonicalizes Paths during Archive Extraction Leading to Arbitrary File Write

17 Mar

Fix available
Severity - 7.3 (High)

Vulnerabilities