RUSTSEC-2020-0166

Source
https://rustsec.org/advisories/RUSTSEC-2020-0166
Import Source
https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2020-0166.json
Aliases
Published
2020-09-04T12:00:00Z
Modified
2023-11-08T04:13:59.081891Z
Details

Swedish personal identity is in the form of YYMMDD-XXXX

An issue arises from the regular expression allowing the first three digits in the last four digits of the personnummer to be 000, which is invalid.

To mitigate this without upgrading, a check on the last four digits can be made to make sure it's not 000x.

The affected version should not be relied on without the mitigation to check that the swedish personal identity number is valid.

References

Affected packages

crates.io / personnummer

Package

Name
personnummer

Affected ranges

Type
SEMVER
Events
Introduced
0.0.0-0
Fixed
3.0.1

Ecosystem specific 

{
    "affects": {
        "os": [],
        "functions": [],
        "arch": []
    }
}

Database specific 

{
    "cvss": null,
    "informational": "notice",
    "categories": []
}