637 matches found
CVE-2017-20016
A vulnerability has been found in WEKA INTEREST Security Scanner up to 1.8 and classified as problematic. This vulnerability affects unknown code of the component Portscan. The manipulation with an unknown input leads to denial of service. The attack can be initiated remotely. The exploit has bee...
pty is unmaintained
The repository hasn't received any updates since Jun 25, 2017 and the author is unresponsive. Maintained alternatives include: tokio-pty-process pty-process...
RUSTSEC-2022-0015 pty is unmaintained
The repository hasn't received any updates since Jun 25, 2017 and the author is unresponsive. Maintained alternatives include: tokio-pty-process pty-process...
RUSTSEC-2022-0081 json is unmaintained
Last release was almost 3 years ago. The maintainer is unresponsive with outstanding issues. One of the outstanding issues include a possible soundness issue. Possible Alternatives The below list has not been vetted in any way and may or may not contain alternatives; - jzon maintained fork of jso...
xml-rs is Unmaintained
xml-rs is a XML parser has open issues around parsing including integer overflows / panics that may or may not be an issue with untrusted data. Together with these open issues with Unmaintained status xml-rs may or may not be suited to parse untrusted data. Alternatives - quick-xml...
RUSTSEC-2022-0048 xml-rs is Unmaintained
xml-rs is a XML parser has open issues around parsing including integer overflows / panics that may or may not be an issue with untrusted data. Together with these open issues with Unmaintained status xml-rs may or may not be suited to parse untrusted data. Alternatives - quick-xml...
UBUNTU-CVE-2021-39892
In all versions of GitLab CE/EE since version 12.0, a lower privileged user can import users from projects that they don't have a maintainer role on and disclose email addresses of those users...
RUSTSEC-2022-0044 `markdown` (1.0.0 and higher) is maintained
A new markdown crate has been brought over by a new maintainer replacing the old crate. The crate GitHub repository is now wooorm/markdown-rs This advisory has been withdraw since version 1.0.0 was released on 2025-04-23. markdown 0.3.0 and lower was unmaintained The old markdown crate was no...
RUSTSEC-2022-0001 lmdb is unmaintained, use lmdb-rkv instead
The lmdb crate hasn't had any updates since August 2018. Mozilla's lmdb-rkv fork of the crate has received additional maintenance work beyond that and is the best available replacement...
lmdb is unmaintained, use lmdb-rkv instead
The lmdb crate hasn't had any updates since August 2018. Mozilla's lmdb-rkv fork of the crate has received additional maintenance work beyond that and is the best available replacement...
RUSTSEC-2021-0134 rental is unmaintained, author has moved on
The author encourages users to explore other solutions, or maintain a fork. Maintained alternatives include: ouroboros fortify escher...
cargo-download is unmaintained
The cargo download subcommand via cargo-download crate is broken and maintainer has disappeared from GitHub and hasn't had any commits for a year. Using this downloader will result to corrupted crates. Maintainer has not responded to maintenance takeover. Just use wget / curl directly...
dotenv is Unmaintained
dotenv by description is meant to be used in development or testing only. Using this in production may or may not be advisable. Alternatives The below may or may not be feasible alternatives: - dotenvycodegenimpl...
RUSTSEC-2021-0141 dotenv is Unmaintained
dotenv by description is meant to be used in development or testing only. Using this in production may or may not be advisable. Alternatives The below may or may not be feasible alternatives: - dotenvy...
dotenv is Unmaintained
dotenv by description is meant to be used in development or testing only. Using this in production may or may not be advisable. Alternatives The below may or may not be feasible alternatives: - dotenvy...
RUSTSEC-2021-0142 dotenv is Unmaintained
dotenv by description is meant to be used in development or testing only. Using this in production may or may not be advisable. Alternatives The below may or may not be feasible alternatives: - dotenvycodegenimpl...
RUSTSEC-2021-0153 `encoding` is unmaintained
Last release was on 2016-08-28. The issue inquiring as to the status of the crate has gone unanswered by the maintainer. Possible alternatives - encodingrs...
`encoding` is unmaintained
Last release was on 2016-08-28. The issue inquiring as to the status of the crate has gone unanswered by the maintainer. Possible alternatives - encodingrs...
CVE-2021-41208
TensorFlow is an open source platform for machine learning. In affected versions the code for boosted trees in TensorFlow is still missing validation. As a result, attackers can trigger denial of service via dereferencing nullptrs or via CHECK-failures as well as abuse undefined behavior binding...
CVE-2021-41208
TensorFlow is an open source platform for machine learning. In affected versions the code for boosted trees in TensorFlow is still missing validation. As a result, attackers can trigger denial of service via dereferencing nullptrs or via CHECK-failures as well as abuse undefined behavior binding...