Vulnerability Library

| ID | Packages | Summary | Affected versions | Published | Fix |
|---|---|---|---|---|---|
| GHSA-6g7w-8wpp-frhj | crates.io/rustls | Infinite loop in rustls::conn::ConnectionCommon::complete_io() with proper client input | 0.20 | 2024-04-19T19:46:57Z | Fix available |
| RUSTSEC-2024-0336 | crates.io/rustls | `rustls::ConnectionCommon::complete_io` could fall into an infinite loop based on network input | See details. | 2024-04-19T12:00:00Z | Fix available |
| GHSA-98p4-xjmm-8mfh | crates.io/gix-transport, crates.io/gix, crates.io/gitoxide | gix-transport indirect code execution via malicious username | See details. | 2024-04-15T19:33:03Z | Fix available |
| RUSTSEC-2024-0335 | crates.io/gix-transport | gix-transport indirect code execution via malicious username | See details. | 2024-04-13T12:00:00Z | Fix available |
| RUSTSEC-2024-0333 | crates.io/rsa-export | `rsa-export` is unmaintained | See details. | 2024-04-06T12:00:00Z | No fix available |
| GHSA-mc39-h54g-pvw6 | crates.io/libdav1d-sys | libdav1d-sys affected by dav1d AV1 decoder integer overflow | See details. | 2024-04-05T15:42:39Z | Fix available |
| GHSA-5gmm-6m36-r7jh | crates.io/transpose | transpose: Buffer overflow due to integer overflow | See details. | 2024-04-05T15:41:34Z | Fix available |
| GHSA-xfhw-6mc4-mgxf | crates.io/crayon | crayon: ObjectPool creates uninitialized memory when freeing objects | See details. | 2024-04-05T15:40:40Z | No fix available |
| GHSA-w5w5-8vfh-xcjq | crates.io/whoami | whoami stack buffer overflow on several Unix platforms | See details. | 2024-04-05T15:39:19Z | Fix available |
| GHSA-4v52-7q2x-v4xj | crates.io/eyre | eyre: Parts of Report are dropped as the wrong type during downcast | See details. | 2024-04-05T15:08:53Z | Fix available |
| GHSA-w7hm-hmxv-pvhf | crates.io/hpack | HPACK decoder panics on invalid input | See details. | 2024-04-05T15:06:27Z | No fix available |
| GHSA-q6cp-qfwq-4gcv | crates.io/h2 | h2 servers vulnerable to degradation of service with CONTINUATION Flood | See details. | 2024-04-05T15:05:32Z | Fix available |
| GHSA-x9xc-63hg-vcfq | crates.io/cassandra-cpp | cassandra-rs's non-idiomatic use of iterators leads to use after free | See details. | 2024-04-05T15:00:55Z | Fix available |
| RUSTSEC-2024-0334 | crates.io/libp2p-tokio-socks5 | `libp2p-tokio-socks5` is unmaintained | See details. | 2024-04-05T12:00:00Z | No fix available |
| RUSTSEC-2024-0332 | crates.io/h2 | Degradation of service in h2 servers with CONTINUATION Flood | See details. | 2024-04-03T12:00:00Z | Fix available |
| GHSA-75hq-h6g9-h4q5 | crates.io/wasmtime | Wasmtime vulnerable to panic when using a dropped externref-typed element segment | 19.0.0 | 2024-04-02T21:09:23Z | Fix available |