65 matches found
cacheline-ef (>=1.0.0 <=1.1.0), dsi-bitstream (=0.4.2) +7 more potentially affected by unknown CVE via maligned (=0.2.1)
maligned CARGO version =0.2.1 is affected by a known vulnerability. The following packages have a transitive dependency on maligned and may be impacted: - cacheline-ef =1.0.0, =0.4.0, =0.6.0, =0.1.6, =0.1.0, =0.4.0, =0.4.2 - vframe =0.3.2 Source cves: unknown CVE Source advisory:...
roaring-landmask (=0.4.0) potentially affected by CVE-2023-0216 via openssl-src (=300.0.0+3.0.0)
openssl-src CARGO version =300.0.0+3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on openssl-src and may be impacted: - roaring-landmask =0.4.0 Source cves: CVE-2023-0216 Source advisory: OSV:RUSTSEC-2023-0011...
openssl-sys (>=0.9.35 <=0.9.37) potentially affected by CVE-2022-4304 via openssl-src (=110.0.7+1.1.0i)
openssl-src CARGO version =110.0.7+1.1.0i is affected by a known vulnerability. The following packages have a transitive dependency on openssl-src and may be impacted: - openssl-sys =0.9.35, =0.9.37 Source cves: CVE-2022-4304 Source advisory: OSV:RUSTSEC-2023-0007...
cargo-travis (>=0.0.10 <=0.0.11), cargo-travis-fork (>=0.0.11 <=0.0.12) potentially affected by unknown CVE via badge (>=0.2.0 <=0.3.0)
badge CARGO version =0.2.0, =0.0.10, =0.0.11, =0.0.12 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0057...
AsgoreCore (>=0.1.0 <=0.1.2), RustyBox (=0.1.0) +210 more potentially affected by unknown CVE via clipboard (>=0.1.2 <=0.5.0)
clipboard CARGO version =0.1.2, =0.1.0, =0.1.0, =0.6.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.8.0, =0.3.0, =0.4.0, =0.8.0, =0.15.3 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0056...
novel (=0.4.2), salvo (>=0.1.5 <=0.1.6) +4 more potentially affected by unknown CVE via double-checked-cell (>=1.1.0 <=2.1.0)
double-checked-cell CARGO version =1.1.0, =0.1.5, =0.1.5, =0.1.5, =0.1.0, =1.0.0, =1.0.4-beta-2 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0024...
afterglow (>=0.1.0 <=0.3.0), aiid_js (=0.0.1) +47 more potentially affected by unknown CVE via bumpalo (=2.6.0)
bumpalo CARGO version =2.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on bumpalo and may be impacted: - afterglow =0.1.0, =0.5.4, =0.1.0, =3.0.0, =4.0.2, =0.114.0, =0.114.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.1, =0.6.1 and more Source cves: unkno...
acme-dns-rust (>=1.0.0 <=1.0.6), acme2-slim (=0.2.0) +161 more potentially affected by unknown CVE via warp (>=0.1.23 <=0.3.1)
warp CARGO version =0.1.23, =1.0.0, =0.1.0, =0.1.0, =0.1.5, =0.1.0, =1.0.0, =0.14.0, =0.4.0, =0.1.0, =0.1.0, =0.1.6 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0082...
AskAI (=0.1.0), BeerHolderBot (>=0.1.0 <=0.3.8) +29256 more potentially affected by CVE-2021-45710 via tokio (>=0.1.16 <=1.8.1)
tokio CARGO version =0.1.16, =0.1.0, =0.1.0, =1.0.2, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =1.0.0-1, =0.1.0, =0.2.1 and more Source cves: CVE-2021-45710 Source advisory: OSV:RUSTSEC-2021-0124...
abd-clam (>=0.10.0-dev0 <=0.12.1), adbc_core (=0.14.0) +290 more potentially affected by unknown CVE via arrow (>=0.16.0 <=5.5.0)
arrow CARGO version =0.16.0, =0.10.0-dev0, =0.6.0, =0.6.0, =0.2.0, =0.4.0, =0.3.0, =0.2.0, =2.0.0, =0.2.0, =0.1.0, =0.2.0 - arrow-graph-core =0.1.0 - arrow-graph-git =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2021-0118...
ark-bls12-377 (=0.2.0), ark-crypto-primitives (=0.2.0) +19 more potentially affected by CVE-2021-38194 via ark-r1cs-std (=0.2.0)
ark-r1cs-std CARGO version =0.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on ark-r1cs-std and may be impacted: - ark-bls12-377 =0.2.0 - ark-crypto-primitives =0.2.0 - ark-curve-constraint-tests =0.2.0 - ark-ed-on-bls12-377 =0.2.0 -...
vade (>=0.1.0 <=0.1.1), vade-evan (=0.3.0) +4 more potentially affected by CVE-2021-38191 via tokio (=1.7.1)
tokio CARGO version =1.7.1 is affected by a known vulnerability. The following packages have a transitive dependency on tokio and may be impacted: - vade =0.1.0, =0.1.3, =0.2.0 - vade-sidetree =0.0.3 - vade-signer =0.0.1 - vade-universal-resolver =0.0.4 Source cves: CVE-2021-38191 Source advisory...
actinium226-librespot (=0.4.3), actinium226-librespot-connect (=0.4.3) +939 more potentially affected by unknown CVE via aes-soft (=0.6.4)
aes-soft CARGO version =0.6.4 is affected by a known vulnerability. The following packages have a transitive dependency on aes-soft and may be impacted: - actinium226-librespot =0.4.3 - actinium226-librespot-connect =0.4.3 - actinium226-librespot-playback =0.4.3, =0.1.3, =0.1.0, =0.3.0, =0.3.0,...
axosnake (>=0.1.0 <=0.1.4), bevy_rapier2d (>=0.1.1 <=0.4.0) +22 more potentially affected by unknown CVE via ncollide2d (>=0.15.4 <=0.33.0)
ncollide2d CARGO version =0.15.4, =0.1.0, =0.1.1, =0.0.0, =0.14.0, =0.0.1, =0.1.0, =0.15.3, =0.8.0, =0.1.0, =0.5.0, =0.5.0, =0.5.0, =0.46.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2021-0151...
RUSTSEC-2021-0083 QueryInterface should call AddRef before returning pointer
Affected version of this crate, which is a required dependency in com-impl, provides a faulty implementation of the IUnknown::QueryInterface method. QueryInterface implementation must call IUnknown::AddRef before returning the pointer, as describe in this documentation: As it is not incrementing...
addr2line (=0.6.0), backtrace (>=0.3.6 <=0.3.9) +11 more potentially affected by CVE-2021-25901 via lazy-init (>=0.1.1 <=0.3.0)
lazy-init CARGO version =0.1.1, =0.3.6, =0.1.0, =0.1.0, =0.1.0, =0.7.0, =0.4.0, =0.4.0, =0.2.0, =0.2.0, =0.1.0, =0.1.0, =0.3.0 Source cves: CVE-2021-25901 Source advisory: OSV:RUSTSEC-2021-0004...
term-handler (=0.1.0) potentially affected by CVE-2020-36446 via signal-simple (=0.1.1)
signal-simple CARGO version =0.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on signal-simple and may be impacted: - term-handler =0.1.0 Source cves: CVE-2020-36446 Source advisory: OSV:RUSTSEC-2020-0126...
safe-transfers (=0.1.0), sn_transfers (=0.2.0) potentially affected by unknown CVE via safe-nd (>=0.11.7 <=0.9.0)
safe-nd CARGO version =0.11.7, =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on safe-nd and may be impacted: - safe-transfers =0.1.0 - sntransfers =0.2.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2020-0063...
aoaddons (>=0.1.1 <=0.2.0), bls_signature_aggregator (=0.1.0) +2 more potentially affected by unknown CVE via fake_clock (>=0.1.0 <=0.3.1)
fakeclock CARGO version =0.1.0, =0.1.1, =0.6.0, =0.1.0, =1.3.1 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2020-0065...
acheron (=0.1.0), actix_web_metrics_mw (>=0.0.1 <=0.3.1) +142 more potentially affected by CVE-2020-25791 +5 more via sized-chunks (>=0.1.3 <=0.5.3)
sized-chunks CARGO version =0.1.3, =0.0.1, =0.11.0, =0.11.0, =0.2.0, =0.6.0, =0.4.0, =0.2.0, =1.6.0, =0.10.0, =0.10.0, =0.1.1, =0.33.0, =0.45.1 - cargo-authors =0.5.0 and more Source cves: CVE-2020-25791, CVE-2020-25792, CVE-2020-25793, CVE-2020-25794, CVE-2020-25795, CVE-2020-25796 Source...