approveapi (=0.1.0), approveapi_openapi (=0.1.1) +188 more potentially affected by unknown CVE via tokio-proto (=0.1.1)

tokio-proto CARGO version =0.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on tokio-proto and may be impacted: - approveapi =0.1.0 - approveapiopenapi =0.1.1 - arc-reactor =0.1.0, =0.2.0, =0.2.0, =1.5.0, =0.4.2, =0.5.0, =0.1.0, =0.1.0, =0.1.6 and mo...

CVE-2019-20446

In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially...

NeteaseCloudMusicRustApi (=0.1.1), RustMusic (=0.1.0) +325 more potentially affected by CVE-2020-35902 via actix-codec (>=0.1.2 <=0.2.0)

actix-codec CARGO version =0.1.2, =0.1.0, =0.8.0, =0.1.0, =0.1.8, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.3.1 - actix-delay =0.1.0 - actix-diesel-actor =0.1.1 and more Source cves: CVE-2020-35902 Source advisory: OSV:RUSTSEC-2020-0049...

fcp_cryptoauth (=0.4.0), holochain_sodium (=0.0.1-alpha1) +6 more potentially affected by unknown CVE via rust_sodium (>=0.10.1 <=0.10.2)

rustsodium CARGO version =0.10.1, =0.0.1-alpha1, =1.0.0, =0.13.0, =0.2.0, =0.10.5 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2020-0003...

openSUSE: Security Advisory for rust (openSUSE-SU-2019:2294-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE: Security Advisory for rust (openSUSE-SU-2019:2244-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

openSUSE: Security Advisory for rust (openSUSE-SU-2019:2203-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Unspecified Vulnerability in Baidu Rust SGX SDK

Baidu Rust SGX SDK is a Rust language development kit for Intel SGX Trusted Computing Platform from Baidu, China. A security vulnerability exists in Baidu Rust SGX SDK 1.0.8 and earlier versions. No detailed vulnerability details are available at this time...

NeteaseCloudMusicRustApi (=0.1.1), RustMusic (=0.1.0) +171 more potentially affected by CVE-2020-35899 via actix-service (>=0.1.6 <=0.4.2)

actix-service CARGO version =0.1.6, =0.8.0, =0.1.8, =0.1.0, =0.1.0, =0.1.0, =0.4.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.1 and more Source cves: CVE-2020-35899 Source advisory: OSV:RUSTSEC-2020-0046...

NeteaseCloudMusicRustApi (=0.1.1), RustMusic (=0.1.0) +319 more potentially affected by CVE-2020-35898 via actix-utils (>=0.3.5 <=1.0.6)

actix-utils CARGO version =0.3.5, =0.1.0, =0.8.0, =0.1.0, =0.1.8, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.1 and more Source cves: CVE-2020-35898 Source advisory: OSV:RUSTSEC-2020-0045...

CVE-2020-5499

Baidu Rust SGX SDK through 1.0.8 has an enclave ID race. There are non-deterministic results in which, sometimes, two global IDs are the same...

CVE-2020-5499

Baidu Rust SGX SDK through 1.0.8 has an enclave ID race. There are non-deterministic results in which, sometimes, two global IDs are the same...

Sql injection

Baidu Rust SGX SDK through 1.0.8 has an enclave ID race. There are non-deterministic results in which, sometimes, two global IDs are the same...

CVE-2020-5499

Summary: CVE-2020-5499 affects Baidu Rust SGX SDK up to version 1.0.8, where an enclave ID race can yield non‑deterministic results in which two global IDs are the same. The linked records consistently describe this as the enclave ID race issue and reference Baidu Rust SGX SDK 1.0.8 and earlier. ...

CVE-2020-5499

Baidu Rust SGX SDK through 1.0.8 has an enclave ID race. There are non-deterministic results in which, sometimes, two global IDs are the same...

Findomain v0.9.3 - The Fastest And Cross-Platform Subdomain Enumerator

The fastest and cross-platform subdomain enumerator. What Findomain can do? It table gives you a idea why you should use findomain and what it can do for you. The domain used for the test was aol.com in the following BlackArch virtual machine: Host: KVM/QEMU Standard PC i440FX + PIIX, 1996...

Goblin - An Impish, Cross-Platform Binary Parsing Crate, Written In Rust

Documentation https://docs.rs/goblin/ changelog Usage Goblin requires rustc 1.31.1. Add to your Cargo.toml dependencies goblin = "0.1" Features awesome crate name zero-copy, cross-platform, endian-aware, ELF64/32 implementation - wow! zero-copy, cross-platform, endian-aware, 32/64 bit Mach-o pars...

RUSTSEC-2019-0032 crust repo has been archived; use libp2p instead

The crust crate repo was archived with no warning or explanation. Given that it was archived with no warning or successor, there's not an official replacement but rust-libp2p looks like it's got a similar feature set and is actively maintained...

maidsafe_client (>=0.1.0 <=0.1.2), maidsafe_types (>=0.0.9 <=0.2.3) +6 more potentially affected by unknown CVE via crust (>=0.0.3 <=0.2.12)

crust CARGO version =0.0.3, =0.1.0, =0.0.9, =0.0.3, =0.0.6, =0.1.4, =0.1.0, =0.1.0, =0.1.5, =0.1.6 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2019-0032...

crust repo has been archived; use libp2p instead

The crust crate repo was archived with no warning or explanation. Given that it was archived with no warning or successor, there's not an official replacement but rust-libp2p looks like it's got a similar feature set and is actively maintained...