Vulnerability Library

ID
Packages
Summary
Affected versions
Published
Fix
RUSTSEC-2024-0017
  • crates.io/cassandra-cpp
Non-idiomatic use of iterators leads to use after free
  • See details.
2024-02-28T12:00:00Z Fix available
RUSTSEC-2024-0018
  • crates.io/crayon
ObjectPool creates uninitialized memory when freeing objects
  • See details.
2024-02-27T12:00:00Z No fix available
GHSA-q3gg-m8hr-h4x4
  • crates.io/surrealdb
Externally Controlled Format String in Scripting Functions
  • See details.
2024-02-21T00:04:05Z Fix available
GHSA-6wr5-jmpr-mjcx
  • crates.io/surrealdb
Uncaught Exception in Macro Expecting Native Function to Exist
  • See details.
2024-02-21T00:03:06Z Fix available
GHSA-8xff-473h-f863
  • crates.io/surrealdb
Uncaught Exception Handling Parsing Errors on Line Terminators
  • See details.
2024-02-21T00:00:54Z Fix available
RUSTSEC-2024-0016
  • crates.io/libdav1d-sys
dav1d AV1 decoder integer overflow
  • See details.
2024-02-19T12:00:00Z Fix available
GHSA-747x-5m58-mq97
  • crates.io/svix
svix vulnerable to Authentication Bypass
  • See details.
2024-02-13T06:30:28Z Fix available
GHSA-22q8-ghmq-63vf
  • crates.io/libgit2-sys
libgit2-sys affected by memory corruption, denial of service, and arbitrary code execution in libgit2
  • See details.
2024-02-12T15:42:14Z Fix available
RUSTSEC-2024-0014
  • crates.io/generational-arena
`generational-arena` is unmaintained
  • See details.
2024-02-11T12:00:00Z No fix available
GHSA-x5j2-g63m-f8g4
  • crates.io/pqc_kyber
pqc_kyber KyberSlash: division timings depending on secrets
  • See details.
2024-02-09T16:19:53Z No fix available
GHSA-rr69-rxr6-8qwf
  • crates.io/serde-json-wasm
serde-json-wasm stack overflow during recursive JSON parsing
  • 1.0.0
2024-02-09T16:03:32Z Fix available
GHSA-3qx3-6hxr-j2ch
  • crates.io/eza
eza Potential Heap Overflow Vulnerability for AArch64
  • See details.
2024-02-08T18:47:28Z Fix available
GHSA-w277-wpqf-rcfv
  • crates.io/svix
Svix vulnerable to improper comparison of different-length signatures
  • See details.
2024-02-06T20:30:14Z Fix available
RUSTSEC-2024-0010
  • crates.io/svix
Improper comparison of different-length signatures
  • See details.
2024-02-06T12:00:00Z Fix available
RUSTSEC-2024-0013
  • crates.io/libgit2-sys
Memory corruption, denial of service, and arbitrary code execution in libgit2
  • See details.
2024-02-06T12:00:00Z Fix available
GHSA-29c2-65rj-h343
  • crates.io/ckb
Nervos CKB Permit load cell data from memory
  • See details.
2024-02-03T00:29:06Z Fix available