RUSTSEC-2025-0025

See a problem?
Please try reporting it to the source first.

Source

https://rustsec.org/advisories/RUSTSEC-2025-0025

Import Source

https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2025-0025.json

JSON Data

https://api.osv.dev/v1/vulns/RUSTSEC-2025-0025

Published

2025-04-28T12:00:00Z

Modified

2025-04-28T13:38:14Z

Summary

rustc-serialize is unmaintained

Details

rustc-serialize will no longer be maintained as declared by the developer. By fuzzing the package, we can identify multiple vulnerabilities. The project has been archived and cannot submit issues. The developer has recommended using the serde crate instead.

Database specific

{
    "license": "CC0-1.0"
}

References

Affected packages

crates.io / rustc-serialize

Package

Name: rustc-serialize; View open source insights on deps.dev
Purl: pkg:cargo/rustc-serialize

Affected ranges

Type: SEMVER
Events: Introduced

0.0.0-0

Ecosystem specific

{
    "affected_functions": null,
    "affects": {
        "os": [],
        "functions": [],
        "arch": []
    }
}

Database specific

{
    "cvss": null,
    "informational": "unmaintained",
    "categories": []
}