9534 matches found
[SECURITY] Fedora 42 Update: rust-tracing-subscriber-0.3.20-1.fc42
Utilities for implementing and composing tracing subscribers...
Linux Distros Unpatched Vulnerability : CVE-2018-25025
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly extend the lifetime of a string, leading to memory corruption...
Fedora: Security Advisory (FEDORA-2025-0ebd4408bd)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory (FEDORA-2025-874b407d96)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Linux Distros Unpatched Vulnerability : CVE-2019-15548
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the ncurses crate through 5.99.0 for Rust. There are instr and mvwinstr buffer overflows because interaction with C functions is...
Linux Distros Unpatched Vulnerability : CVE-2018-25026
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely,...
Linux Distros Unpatched Vulnerability : CVE-2019-15547
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the ncurses crate through 5.99.0 for Rust. There are format string issues in printw functions because C format arguments are...
Linux Distros Unpatched Vulnerability : CVE-2018-25024
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly coerce an immutable reference into a mutable reference, leading to memor...
RUSTSEC-2025-0066 The `google-apis-rs` project is now unmaintained
Instead, please start using and migrate to the official Google Rust bindings...
drivesync (=0.1.0), geckopanda (>=0.1.0 <=0.2.0) +601 more potentially affected by unknown CVE via google-apis-common (>=4.0.1 <=6.0.4)
google-apis-common CARGO version =4.0.1, =0.1.0, =5.0.2+20230114, =5.0.2+20230123, =5.0.2+20230120, =5.0.2+20200708, =5.0.2+20230123, =5.0.2+20230123, =5.0.2+20210330, =5.0.4+20210330 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0066...
The `google-apis-rs` project is now unmaintained
Instead, please start using and migrate to the official Google Rust bindings...
RUSTSEC-2025-0059 servo-fontconfig crate is unmaintained
The servo-fontconfig crate is no longer actively maintained. If you rely on this crate, consider switching to a maintained alternative. Recommended alternatives - fontconfig-rs...
iron crate is unmaintained
The iron crate is no longer actively maintained. If you rely on this crate, consider switching to a maintained alternative. Recommended alternatives See this comparison for popular alternatives...
alexa (>=0.1.0 <=0.1.2), alipay-rs (>=0.2.0 <=0.4.6) +226 more potentially affected by unknown CVE via iron (>=0.1.21 <=0.6.1)
iron CARGO version =0.1.21, =0.1.0, =0.2.0, =0.3.2, =0.0.1, =0.8.0, =0.14.0, =0.5.0, =0.7.0, =0.0.6, =0.1.0, =0.1.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0061...
armory_cli (>=0.3.3 <=0.3.28), armory_lib (>=0.1.0 <=0.3.28) +157 more potentially affected by unknown CVE via crypto-hash (=0.3.4)
crypto-hash CARGO version =0.3.4 is affected by a known vulnerability. The following packages have a transitive dependency on crypto-hash and may be impacted: - armorycli =0.3.3, =0.1.0, =0.1.0, =0.1.0, =0.10.0, =0.10.0, =0.23.0, =0.1.0, =0.5.0, =0.3.10, =0.1.0, =0.2.2, =0.6.3 and more Source cve...
RUSTSEC-2025-0061 iron crate is unmaintained
The iron crate is no longer actively maintained. If you rely on this crate, consider switching to a maintained alternative. Recommended alternatives See this comparison for popular alternatives...
RagatagSorter (>=3.2.0 <=3.2.1), aa2nucaln (=0.1.1) +418 more potentially affected by unknown CVE via custom_derive (=0.1.7)
customderive CARGO version =0.1.7 is affected by a known vulnerability. The following packages have a transitive dependency on customderive and may be impacted: - RagatagSorter =3.2.0, =0.9.0, =0.4.0, =0.1.1, =0.2.0, =0.4.3, =0.1.0, =0.1.0, =0.1.0-alpha.1, =0.1.0, =3.1.3, =3.10.0 and more Source...
advisory-db
This is a security advisory database repository for Rust crates published via crates.io. The repository contains a collection of security advisories filed against various Rust crates, with each advisory containing information in TOML format. The advisories are categorized by crate name, and each...
advisory-db
This is a security advisory database for Rust crates published through crates.io. The database is stored in TOML format and contains information about security advisories filed against various Rust crates. The advisories include details such as the affected package, patched versions, and a...
SUSE-SU-2025:03092-1 Security update for rav1e
This update for rav1e fixes the following issues: - Update crate shlex to 1.3.0: CVE-2024-58266: Fixed command injection bsc1247207 RUSTSEC-2024-0006: Fixed multiple issues involving quote API bsc1230028...