RUSTSEC-2023-0090 Guest-controlled out-of-bounds read/write on x86\_64

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-ff4p-7xrq-q5r8. For more information see the GitHub-hosted security advisory...

Guest-controlled out-of-bounds read/write on x86\_64

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-ff4p-7xrq-q5r8. For more information see the GitHub-hosted security advisory...

abrute (>=0.1.7 <=0.1.9), alass-cli (>=1.0.0 <=2.0.0) +158 more potentially affected by unknown CVE via ascii (>=0.7.1 <=0.8.7)

ascii CARGO version =0.7.1, =0.1.7, =1.0.0, =0.1.0, =0.1.0, =0.1.4, =0.2.0, =0.0.1, =0.14.0, =0.1.0, =0.0.0, =1.0.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2023-0015...

aubio-sys (>=0.2.0 <=0.2.1), bioutils (>=0.1.5 <=0.2.4) +31 more potentially affected by unknown CVE via ftp (=3.0.1)

ftp CARGO version =3.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on ftp and may be impacted: - aubio-sys =0.2.0, =0.1.5, =0.2.0, =0.32.0, =0.0.1, =0.6.0, =0.6.0, =0.1.0, =0.0.1, =1.1.1, =0.3.0, =0.5.0, =0.0.1, =0.4.17, =0.6.0 and more Source cves:...

acari-lib (>=0.1.11 <=0.1.12), acme-rs (>=0.1.0 <=0.2.0) +350 more potentially affected by unknown CVE via buf_redux (>=0.1.3 <=0.8.4)

bufredux CARGO version =0.1.3, =0.1.11, =0.1.0, =0.9.2, =0.5.1, =0.2.0, =0.1.0, =0.0.1, =0.1.5, =0.0.5, =0.0.1, =0.1.0, =1.0.0, =0.26.1, =0.26.2 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2023-0028...

ani-tui (>=0.1.0 <=0.2.1), atomic-server (>=0.33.0 <=0.34.0) +113 more potentially affected by unknown CVE via kuchiki (>=0.3.4 <=0.8.1)

kuchiki CARGO version =0.3.4, =0.1.0, =0.33.0, =0.33.0, =0.7.2, =0.1.0, =0.0.1, =0.1.0, =0.1.0, =0.3.0, =0.1.0, =0.8.5 - curseforgewebview =0.1.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2023-0019...

Out of bounds write in `wasmtime_trap_code` C API function

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-h84q-m8rr-3v9q. For more information see the GitHub-hosted security advisory...

RUSTSEC-2022-0097 Out of bounds write in `wasmtime_trap_code` C API function

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-h84q-m8rr-3v9q. For more information see the GitHub-hosted security advisory...

RUSTSEC-2022-0098 Data leakage between instances in the pooling allocator

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-wh6w-3828-g9qf. For more information see the GitHub-hosted security advisory...

Data leakage between instances in the pooling allocator

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-wh6w-3828-g9qf. For more information see the GitHub-hosted security advisory...

RUSTSEC-2022-0102 Out of bounds read/write with zero-memory-pages configuration

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-44mr-8vmm-wjhg. For more information see the GitHub-hosted security advisory...

nfprobe (=0.0.1), terminus (>=0.1.0 <=0.2.0) potentially affected by unknown CVE via elf_rs (>=0.1.1 <=0.1.3)

elfrs CARGO version =0.1.1, =0.1.0, =0.2.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0079...

sentry-conduit (>=0.1.0 <=0.3.0) potentially affected by CVE-2022-39294 via conduit-hyper (=0.3.0)

conduit-hyper CARGO version =0.3.0 is affected by a known vulnerability. The following packages have a transitive dependency on conduit-hyper and may be impacted: - sentry-conduit =0.1.0, =0.3.0 Source cves: CVE-2022-39294 Source advisory: OSV:RUSTSEC-2022-0066...

addr2line (=0.7.0), aether (>=0.0.1 <=0.0.3) +359 more potentially affected by unknown CVE via parity-wasm (>=0.17.0 <=0.45.0)

parity-wasm CARGO version =0.17.0, =0.0.1, =0.1.0, =0.26.1, =0.3.10, =0.0.1, =0.0.0, =0.0.1, =0.1.0, =0.4.1, =0.1.0, =0.2.0, =0.4.0 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0061...

traitobject is Unmaintained

Crate traitobject has not had a release for over five years. In addition there is an existing security advisory that has not been addressed: - RUSTSEC-2020-0027 Possible Alternatives The below list has not been vetted in any way and may or may not contain alternatives; - destructuretraitobject...

alass-util (=0.3.0), assembly-data (>=0.2.0 <=0.3.0-beta.0) +57 more potentially affected by unknown CVE via mapr (=0.8.0)

mapr CARGO version =0.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on mapr and may be impacted: - alass-util =0.3.0 - assembly-data =0.2.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.3.0, =0.101.0, =0.37.0, =0.101.0, =0.4.0, =0.37.0, =0.40.0, =0.40.0,...

RUSTSEC-2022-0100 Use After Free with `externref`s in Wasmtime

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-5fhj-g3p3-pq9g. For more information see the GitHub-hosted security advisory...

RUSTSEC-2022-0101 Miscompilation of constant values in division on AArch64

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-7f6x-jwh5-m9r4. For more information see the GitHub-hosted security advisory...

Miscompilation of `i8x16.swizzle` and `select` with v128 inputs

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-jqwc-c49r-4w2x. For more information see the GitHub-hosted security advisory...

RUSTSEC-2022-0095 Miscompilation of `i8x16.swizzle` and `select` with v128 inputs

This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-jqwc-c49r-4w2x. For more information see the GitHub-hosted security advisory...