637 matches found
buf_redux is Unmaintained
Last release was over three years ago. The maintainers have been unreachable to respond to any issues that may or may not include security issues. The repository is now archived and there is no security policy in place to contact the maintainers otherwise. The safety-undocumented unsafe in the...
RUSTSEC-2023-0019 `kuchiki` is unmaintained
The kuchiki repo was marked as archived in this commit. Possible Alternatives Possible alternatives may include: - kuchikiki - html5ever - xml-rs...
CVE-2023-24040
dtprintinfo in Common Desktop Environment 1.6 has a bug in the parser of lpstat (an invoked external command) during listing of the names of available printers. This allows low-privileged local users to inject arbitrary printer names via the $HOME/.printers file. This injection allows those users t...
CVE-2023-24039
A stack-based buffer overflow in ParseColors in libXm in Common Desktop Environment 1.6 can be exploited by local low-privileged users via the dtprintinfo setuid binary to escalate their privileges to root on Solaris 10 systems. NOTE: This vulnerability only affects products that are no longer...
RUSTSEC-2022-0077 `claim` is Unmaintained
The last release was in February 2021, almost two years ago. The maintainer has been unresponsive regarding this crate for over a year. A pending issue with claim's dependencies has made the crate difficult to use. Possible Alternatives The below list has not been vetted in any way and may or may...
`claim` is Unmaintained
The last release was in February 2021, almost two years ago. The maintainer has been unresponsive regarding this crate for over a year. A pending issue with claim's dependencies has made the crate difficult to use. Possible Alternatives The below list has not been vetted in any way and may or may...
RUSTSEC-2022-0060 orbtk is Unmaintained
The orbtk crate is no longer maintained. Alternatives proposed by the authors: iced slint...
orbtk is Unmaintained
The orbtk crate is no longer maintained. Alternatives proposed by the authors: iced slint...
PT-2022-37426 · Orbtk · Orbtk
Name of the Vulnerable Software and Affected Versions: orbtk affected versions not specified Description: The orbtk crate is no longer maintained. As a result, it may pose a risk due to potential unaddressed issues. The authors have proposed alternatives, including iced and slint. Recommendations...
GHSA-CG8C-GC2J-2WF7 Flask-Security vulnerable to Open Redirect
This affects all versions of package Flask-Security. When using the get_post_logout_redirect and get_post_login_redirect functions, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \\evil.com/path. This vulnerability is only...
GHSA-74W3-P89X-FFGH ansi_term is Unmaintained
Withdrawn Advisory This advisory has been withdrawn because it does not discuss a particular vulnerability in the code of ansi_term. Original Description The maintainer has advised this crate is deprecated and will not receive any maintenance. The crate does not seem to have many dependencies and...
ansi_term is Unmaintained
Withdrawn Advisory This advisory has been withdrawn because it does not discuss a particular vulnerability in the code of ansi_term. Original Description The maintainer has advised this crate is deprecated and will not receive any maintenance. The crate does not seem to have many dependencies and...
GHSA-RC23-XXGQ-X27G wee_alloc is Unmaintained
Two of the maintainers have indicated that the crate may not be maintained. The crate has open issues including memory leaks and may not be suitable for production use. It may be best to switch to the default Rust standard allocator on wasm32 targets. Last release seems to have been three years a...
wee_alloc is Unmaintained
Two of the maintainers have indicated that the crate may not be maintained. The crate has open issues including memory leaks and may not be suitable for production use. It may be best to switch to the default Rust standard allocator on wasm32 targets. Last release seems to have been three years a...
typemap is Unmaintained
The maintainer seems unreachable. The crate may or may not be usable as-is despite no maintenance and may not work in future versions of Rust. The last release seems to have been seven years ago...
traitobject is Unmaintained
Crate traitobject has not had a release for over five years. In addition there is an existing security advisory that has not been addressed: - RUSTSEC-2020-0027 Possible Alternatives The below list has not been vetted in any way and may or may not contain alternatives; - destructure_traitobject...
GHSA-PP8R-VV2J-9J5V traitobject is Unmaintained
Crate traitobject has not had a release for over five years. In addition there is an existing security advisory that has not been addressed: - RUSTSEC-2020-0027 Possible Alternatives The below list has not been vetted in any way and may or may not contain alternatives; - destructure_traitobject...
badge is Unmaintained
The maintainer has advised this crate is deprecated and will not receive any maintenance. The crate depends on the deprecated rusttype crate and won't receive updates anymore. Possible Alternatives The below list has not been vetted in any way and may or may not contain alternatives; - badge-make...
PT-2022-37424 · Rusttype +1 · Rusttype +1
Name of the Vulnerable Software and Affected Versions: badge affected versions not specified Description: The maintainer has advised that this crate is deprecated and will not receive any maintenance due to its dependency on the deprecated rusttype crate. Recommendations: At the moment,...
mapr is Unmaintained
The mapr fork has been merged back into upstream fork memmap2. The maintainers have advised mapr is deprecated and will not receive any maintenance in favor of using memmap2. Possible Alternatives The below list has not been vetted in any way and may or may not contain alternatives; - memmap2...