217 matches found
Obsolete versions of the `rustsec` crate do not support the new V3 advisory format
If you are seeing this message, you are running an obsolete version of cargo-audit which does not support the new V3 advisory format. These versions are end-of-life. This advisory is a notice that it will soon be unable to parse the advisory database. Please upgrade cargo-audit to a newer...
RUSTSEC-2020-0051 Obsolete versions of the `rustsec` crate do not support the new V3 advisory format
If you are seeing this message, you are running an obsolete version of cargo-audit which does not support the new V3 advisory format. These versions are end-of-life. This advisory is a notice that it will soon be unable to parse the advisory database. Please upgrade cargo-audit to a newer...
epoll (>=0.4.0 <=0.6.0), hydrogen (>=0.1.0 <=0.1.5) potentially affected by CVE-2020-35892 +1 more via simple-slab (>=0.1.0 <=0.2.3)
simple-slab CARGO version =0.1.0, =0.4.0, =0.1.0, =0.1.5 Source cves: CVE-2020-35892, CVE-2020-35893 Source advisory: OSV:RUSTSEC-2020-0039...
crayon-audio (>=0.6.0 <=0.7.1) potentially affected by CVE-2020-35889 via crayon (>=0.6.0 <=0.7.1)
crayon CARGO version =0.6.0, =0.6.0, =0.7.1 Source cves: CVE-2020-35889 Source advisory: OSV:RUSTSEC-2020-0037...
toolbox (>=0.2.7 <=0.2.9) potentially affected by CVE-2020-36432 via alg_ds (>=0.2.7 <=0.3.2)
alg_ds CARGO version =0.2.7, =0.2.7, =0.2.9 Source cves: CVE-2020-36432 Source advisory: OSV:RUSTSEC-2020-0033...
kay (>=0.1.0 <=0.5.1) potentially affected by CVE-2020-36433 via chunky (>=0.1.4 <=0.3.7)
chunky CARGO version =0.1.4, =0.1.0, =0.5.1 Source cves: CVE-2020-36433 Source advisory: OSV:RUSTSEC-2020-0035...
kea (>=0.1.0 <=0.1.3) potentially affected by CVE-2020-35885 via alpm-rs (=0.1.24)
alpm-rs CARGO version =0.1.24 is affected by a known vulnerability. The following packages have a transitive dependency on alpm-rs and may be impacted: - kea =0.1.0, =0.1.3 Source cves: CVE-2020-35885 Source advisory: OSV:RUSTSEC-2020-0032...
mozjpeg DecompressScanlines::read_scanlines is Unsound
This issue and vector are similar to RUSTSEC-2020-0029 of the rgb crate, which mozjpeg depends on. Affected versions of the mozjpeg crate allow creating instances of any type T from bytes, and do not correctly constrain T to the types for which it is safe to do so. Examples of safety violation possible for...
NeteaseCloudMusicRustApi (=0.1.1), RustMusic (=0.1.0) +325 more potentially affected by CVE-2020-35902 via actix-codec (>=0.1.2 <=0.2.0)
actix-codec CARGO version =0.1.2, =0.1.0, =0.8.0, =0.1.0, =0.1.8, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.3.1 - actix-delay =0.1.0 - actix-diesel-actor =0.1.1 and more Source cves: CVE-2020-35902 Source advisory: OSV:RUSTSEC-2020-0049...
NeteaseCloudMusicRustApi (=0.1.1), RustMusic (=0.1.0) +171 more potentially affected by CVE-2020-35899 via actix-service (>=0.1.6 <=0.4.2)
actix-service CARGO version =0.1.6, =0.8.0, =0.1.8, =0.1.0, =0.1.0, =0.1.0, =0.4.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.1 and more Source cves: CVE-2020-35899 Source advisory: OSV:RUSTSEC-2020-0046...
DesignerHelper-rs (>=0.1.0 <=0.1.2), GetPDB (>=0.1.0 <=1.0.1) +6475 more potentially affected by CVE-2019-25010 +1 more via failure (>=0.1.0 <=0.1.8)
failure CARGO version =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.1, =0.4.0 - abscissacore =0.4.0 and more Source cves: CVE-2019-25010, CVE-2020-25575 Source advisory: OSV:RUSTSEC-2019-0036...
RUSTSEC-2019-0024 Test advisory with associated example crate
This is a test advisory useful for verifying RustSec tooling and vulnerability detection pipelines are working correctly. Aside from the fact that it is filed against an example crate, it is otherwise considered by the Advisory Database itself to be a normal security advisory. It's filed against...
Test advisory with associated example crate
This is a test advisory useful for verifying RustSec tooling and vulnerability detection pipelines are working correctly. Aside from the fact that it is filed against an example crate, it is otherwise considered by the Advisory Database itself to be a normal security advisory. It's filed against...
actix (>=0.5.0 <=0.7.7), actix-ogn (=0.1.0) +270 more potentially affected by CVE-2019-15553 via memoffset (>=0.1.0 <=0.2.1)
memoffset CARGO version =0.1.0, =0.5.0, =0.7.5, =0.2.5, =0.4.0, =0.9.0, =0.1.0, =0.1.0, =0.4.0, =0.5.0, =0.4.0, =0.7.0 and more Source cves: CVE-2019-15553 Source advisory: OSV:RUSTSEC-2019-0011...
accepted (>=0.2.0 <=0.3.2), aigc_api (=5.1.2) +506 more potentially affected by unknown CVE via typemap (=0.3.3)
typemap CARGO version =0.3.3 is affected by a known vulnerability. The following packages have a transitive dependency on typemap and may be impacted: - accepted =0.2.0, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.4.1 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2019-0039...
aurelius (>=0.1.8 <=0.1.13), barust (=0.1.0) +54 more potentially affected by unknown CVE via chan (=0.1.23)
chan CARGO version =0.1.23 is affected by a known vulnerability. The following packages have a transitive dependency on chan and may be impacted: - aurelius =0.1.8, =0.0.2, =0.1.0, =0.2.0, =0.2.9, =0.2.0, =0.1.0, =0.1.0, =0.6.1, =0.3.6, =0.3.0, =0.1.0, =0.0.1, =0.1.0 and more Source cves: unknown...
aw-fel (>=0.1.0 <=0.5.2), blinkrs (>=0.1.0 <=1.0.0) +28 more potentially affected by unknown CVE via libusb (>=0.2.2 <=0.3.0)
libusb CARGO version =0.2.2, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.1.0, =1.0.0, =0.1.0, =0.1.0, =0.1.0, =0.2.3 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2016-0004...