637 matches found

RustSec
added 2019/04/06 12:0 p.m., 20 views

typemap is Unmaintained

The maintainer seems unreachable. The crate may or may not be usable as-is despite no maintenance and may not work in future versions of Rust. The last release seems to have been seven years ago. Possible Alternatives: The below list has not been vetted in any way and may or may not contain...

2.5 AI score
Exploits: 0

OSV
added 2019/04/06 12:0 p.m., 19 views

RUSTSEC-2019-0039 typemap is Unmaintained

The maintainer seems unreachable. The crate may or may not be usable as-is despite no maintenance and may not work in future versions of Rust. The last release seems to have been seven years ago. Possible Alternatives: The below list has not been vetted in any way and may or may not contain...

7.2 AI score
Exploits: 0, References: 4

OSV
added 2019/03/13 7:29 p.m., 2 views

CVE-2019-9747

In tinysvcmdns through 2018-01-16, a maliciously crafted mDNS (Multicast DNS) packet triggers an infinite loop while parsing an mDNS query. When mDNS compressed labels point to each other, the function uncompress_nlabel goes into an infinite loop trying to analyze the packet with an mDNS query. As a...

7.5 CVSS, 6.9 AI score, 0.0139 EPSS
Exploits: 1, References: 1

OSV
added 2019/03/13 7:29 p.m., 1 view

CVE-2019-9748

In tinysvcmdns through 2018-01-16, an mDNS server processing a crafted packet can perform arbitrary data read operations up to 16383 bytes from the start of the buffer. This can lead to a segmentation fault in uncompress_nlabel in mdns.c and a crash of the server depending on the memory protection...

9.1 CVSS, 7.2 AI score, 0.02418 EPSS
Exploits: 1, References: 1

Github Security Blog
added 2019/02/18 11:38 p.m., 22 views

Regular Expression Denial of Service in jadedown

The jadedown package is affected by a regular expression denial of service vulnerability when certain types of user input are passed in. Proof of concept js var jadedown = require'jadedown'; var genstr = function len, chr var result = ""; for i=0; i=len; i++ result = result + chr; return result;...

7.5 CVSS, 7.1 AI score, 0.01151 EPSS
Exploits: 1, References: 3, Affected Software: 1

UbuntuCve
added 2018/12/06 11:29 p.m., 34 views

CVE-2018-19665

The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption...

5.7 CVSS, 6.9 AI score, 0.00877 EPSS
Exploits: 0, References: 1

OSV
added 2018/06/30 12:0 p.m., 14 views

RUSTSEC-2018-0016 quickersort is deprecated and unmaintained

The author of the quickersort crate has deprecated it and does not recommend using it anymore. Everything in it has been incorporated into std::sort_unstable in the standard library as of Rust 1.20. std::sort_unstable: https://doc.rust-lang.org/stable/std/primitive.slice.html#method.sort_unstable...

7.2 AI score
Exploits: 0, References: 3

OSV
added 2018/04/25 2:30 p.m., 9 views

GHSA-VPCH-RXW3-FGX8 Cross-Site Scripting in @risingstack/protect

All versions of @risingstack/protect are vulnerable to Cross-Site Scripting. The isXss XSS validator has several bypasses that may allow attackers to execute arbitrary JavaScript in a victim's browser. Recommendation: No fix is currently available. Consider using an alternative package. The packag...

6.1 CVSS, 6.1 AI score, 0.01327 EPSS
Exploits: 1, References: 8

Drupal
added 2017/12/20 12:0 a.m., 6 views

Link Click Count - Critical - Unsupported - SA-CONTRIB-2017-094

The Link Click Count module helps you to monitor the traffic to your website by creating link fields. These link fields can be individual links or internal/external links that can be added to the content type. The security team is marking this module unsupported. There is a known security issue...

7.2 AI score
Exploits: 0, References: 2

Patchstack
added 2017/08/16 12:0 a.m., 9 views

WordPress RK Responsive Contact Form plugin 1.0 - Authenticated Blind SQL Injection vulnerability

Authenticated Blind SQL Injection vulnerability found by Larry W. Cashdollar in WordPress RK Responsive Contact Form plugin 1.0 version. The variable $delid isn't sanitized before passing it into the SQL query through the file ./rk-responsive-contact-form/include/rkuserlist.php. Solution: There is...

2.6 AI score
Exploits: 0, References: 1, Affected Software: 1

Tenable Nessus
added 2017/08/07 12:0 a.m., 21 views

Fedora 25 : qt5-qtwebkit (2017-c844713925)

Qt5WebKit update to the new, maintained 'annulen branch'. Drop-in replacement for the old unmaintained QtWebKit. ---- Update to annulen-branch of qt5-qtwebkit, which contains a lot of security fixes. Drop-in replacement for the old unmaintained qt5-qtwebkit. Note that Tenable Network Security has...

5.5 AI score
Exploits: 0, References: 1

RustSec
added 2017/07/02 12:0 p.m., 8 views

`serial` crate is unmaintained

The serial crate is no longer maintained. Last release was on 2017-07-02. Possible alternatives: Consider using an alternative, for instance the blocking libraries: - serial2 - serialport or async alternatives: - mio-serial - tokio-serial...

7.2 AI score
Exploits: 0

OSV
added 2017/07/02 12:0 p.m., 4 views

RUSTSEC-2017-0008 `serial` crate is unmaintained

The serial crate is no longer maintained. Last release was on 2017-07-02. Possible alternatives: Consider using an alternative, for instance the blocking libraries: - serial2 - serialport or async alternatives: - mio-serial - tokio-serial...

7.2 AI score
Exploits: 0, References: 3

Drupal
added 2017/05/24 12:0 a.m., 15 views

Custom Landing Page Builder - Unsupported - SA-CONTRIB-2017-050

The Custom Landing Page Builder module allows webmasters to build custom landing pages using a WYSIWYG editor while still having full control over the full layout of the page including the header, navigation, page content, footer, forms etc. The security team is marking this module unsupported...

7.2 AI score
Exploits: 0, References: 7

UbuntuCve
added 2017/05/23 4:29 a.m., 20 views

CVE-2017-9181

libautotrace.a in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (invalid write and SEGV), related to the ReadImage function in input-bmp.c...

7.5 CVSS, 7.2 AI score, 0.02441 EPSS
Exploits: 0, References: 2

RustSec
added 2017/04/17 12:0 p.m., 17 views

lz4-compress is unmaintained

According to the developers this crate is no longer maintained. The suggested alternative is lz4-compression, a maintained fork of lz4-compress. See also lz-fear which is compatible with the reference LZ4 implementation in C, but not with lz4-compress...

3 AI score
Exploits: 0

OSV
added 2017/04/17 12:0 p.m., 9 views

RUSTSEC-2017-0007 lz4-compress is unmaintained

According to the developers this crate is no longer maintained. The suggested alternative is lz4-compression, a maintained fork of lz4-compress. See also lz-fear which is compatible with the reference LZ4 implementation in C, but not with lz4-compress...

7 AI score
Exploits: 0, References: 3

RustSec
added 2016/12/15 12:0 p.m., 16 views

`cassandra` crate is unmaintained; use `cassandra-cpp` instead

The cassandra crate has not seen a release since December 2016, and its author is unresponsive. The cassandra-cpp crate is a maintained fork: https://github.com/Metaswitch/cassandra-rs...

6.9 AI score
Exploits: 0, Affected Software: 1

OSV
added 2016/12/15 12:0 p.m., 12 views

RUSTSEC-2016-0006 `cassandra` crate is unmaintained; use `cassandra-cpp` instead

The cassandra crate has not seen a release since December 2016, and its author is unresponsive. The cassandra-cpp crate is a maintained fork: https://github.com/Metaswitch/cassandra-rs...

7.1 AI score
Exploits: 0, References: 3

RustSec
added 2016/09/10 12:0 p.m., 18 views

libusb is unmaintained; use rusb instead

The libusb crate has not seen a release since September 2016, and its author is unresponsive. The rusb crate is a maintained fork: https://github.com/a1ien/rusb...

7.1 AI score
Exploits: 0, Affected Software: 1