7 matches found
serde_yml crate is unsound and unmaintained
Using serdeyml::ser::Serializer.emitter can cause a segmentation fault, which is unsound. The GitHub project for serdeyml was archived after unsoundness issues were raised. If you rely on this crate, it is highly recommended switching to a maintained alternative. Recommended alternatives -...
serde_yml crate is unsound and unmaintained
Using serdeyml::ser::Serializer.emitter can cause a segmentation fault, which is unsound. The GitHub project for serdeyml was archived after unsoundness issues were raised. If you rely on this crate, it is highly recommended switching to a maintained alternative. Recommended alternatives -...
RUSTSEC-2025-0068 serde_yml crate is unsound and unmaintained
Using serdeyml::ser::Serializer.emitter can cause a segmentation fault, which is unsound. The GitHub project for serdeyml was archived after unsoundness issues were raised. If you rely on this crate, it is highly recommended switching to a maintained alternative. Recommended alternatives -...
RUSTSEC-2025-0058 custom_derive crate is unmaintained
The customderive crate is no longer actively maintained. If you rely on this crate, consider switching to a maintained alternative. Recommended alternatives - strum - macro-attr...
Pkg Local Privilege Escalation
Impact Any native code packages built by pkg are written to a hardcoded directory. On unix systems, this is /tmp/pkg/ which is a shared directory for all users on the same local system. There is no uniqueness to the package names within this directory, they are predictable. An attacker who has...
RUSTSEC-2020-0095 difference is unmaintained
The author of the difference crate is unresponsive. Maintained alternatives: - dissimilar - similar - treediff - diffus...
RUSTSEC-2020-0056 stdweb is unmaintained
The author of the stdweb crate is unresponsive. Maintained alternatives: - wasm-bindgen - js-sys - web-sys...