18 matches found
RUSTSEC-2026-0160 `pqcrypto-sphincsplus` is unmaintained: upstream PQClean project being archived
This crate provides Rust bindings to SPHINCS+/SLH-DSA FIPS 205 via C implementations from PQClean. The PQClean project is being archived in or after July 2026 see PQClean/PQClean604, after which no further security patches or bug fixes will be applied to the upstream implementations. As a result,...
`pqcrypto-falcon` is unmaintained: upstream PQClean project being archived
This crate provides Rust bindings to the Falcon FN-DSA signature scheme via C implementations from PQClean. The PQClean project is being archived in or after July 2026 see PQClean/PQClean604, after which no further security patches or bug fixes will be applied to the upstream implementations. As ...
`pqcrypto-mlkem` is unmaintained: upstream PQClean project being archived
This crate provides Rust bindings to ML-KEM FIPS 203 via C implementations from PQClean. The PQClean project is being archived in or after July 2026 see PQClean/PQClean604, after which no further security patches or bug fixes will be applied to the upstream implementations. As a result, this crat...
`pqcrypto-sphincsplus` is unmaintained: upstream PQClean project being archived
This crate provides Rust bindings to SPHINCS+/SLH-DSA FIPS 205 via C implementations from PQClean. The PQClean project is being archived in or after July 2026 see PQClean/PQClean604, after which no further security patches or bug fixes will be applied to the upstream implementations. As a result,...
RUSTSEC-2026-0161 `pqcrypto-mlkem` is unmaintained: upstream PQClean project being archived
This crate provides Rust bindings to ML-KEM FIPS 203 via C implementations from PQClean. The PQClean project is being archived in or after July 2026 see PQClean/PQClean604, after which no further security patches or bug fixes will be applied to the upstream implementations. As a result, this crat...
RUSTSEC-2026-0164 `pqcrypto` is unmaintained: upstream PQClean project being archived
The pqcrypto crate and the entire pqcrypto- ecosystem wrap C implementations from PQClean. The PQClean project is being archived in or after July 2026 see PQClean/PQClean604, after which no further security patches, algorithm updates, or bug fixes will be applied to the upstream implementations. ...
`pqcrypto-mldsa` is unmaintained: upstream PQClean project being archived
This crate provides Rust bindings to ML-DSA FIPS 204 via C implementations from PQClean. The PQClean project is being archived in or after July 2026 see PQClean/PQClean604, after which no further security patches or bug fixes will be applied to the upstream implementations. As a result, this crat...
RUSTSEC-2026-0165 `pqcrypto-falcon` is unmaintained: upstream PQClean project being archived
This crate provides Rust bindings to the Falcon FN-DSA signature scheme via C implementations from PQClean. The PQClean project is being archived in or after July 2026 see PQClean/PQClean604, after which no further security patches or bug fixes will be applied to the upstream implementations. As ...
RUSTSEC-2026-0166 `pqcrypto-mldsa` is unmaintained: upstream PQClean project being archived
This crate provides Rust bindings to ML-DSA FIPS 204 via C implementations from PQClean. The PQClean project is being archived in or after July 2026 see PQClean/PQClean604, after which no further security patches or bug fixes will be applied to the upstream implementations. As a result, this crat...
[SECURITY] Fedora 43 Update: rust-protobuf-parse-3.7.2-1.fc43
Parse .proto files. Files are parsed into a protobuf::descriptor::FileDescriptorSet object using either: pure rust parser no dependencies protoc binary more reliable and compatible with Google's implementation...
serde_yml crate is unsound and unmaintained
Using serdeyml::ser::Serializer.emitter can cause a segmentation fault, which is unsound. The GitHub project for serdeyml was archived after unsoundness issues were raised. If you rely on this crate, it is highly recommended switching to a maintained alternative. Recommended alternatives -...
RUSTSEC-2025-0068 serde_yml crate is unsound and unmaintained
Using serdeyml::ser::Serializer.emitter can cause a segmentation fault, which is unsound. The GitHub project for serdeyml was archived after unsoundness issues were raised. If you rely on this crate, it is highly recommended switching to a maintained alternative. Recommended alternatives -...
[SECURITY] Fedora 40 Update: rust-hyper-rustls-0.27.3-1.fc40
Rustls+hyper integration for pure rust HTTPS...
Fedora: Security Advisory for rust-vhost (FEDORA-2024-f2305d485f)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for rust-vhost (FEDORA-2024-04877592b7)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-49092
The CVE-2023-49092 entry concerns RustCrypto/RSA, a pure Rust portable RSA implementation. The root cause is a non-constant-time implementation that leaks information about the private key through timing observations over the network. Practical impact is key recovery by an attacker who can observ...
CVE-2023-49092
RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. There is...
Fedora 37 : firecracker / rust-aes-gcm (2023-bc40c7995e)
The remote Fedora 37 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-bc40c7995e advisory. - Update the aes-gcm crate to version 0.10.3. Addresses CVE-2023-42811. - Rebuild dependent packages firecracker for aes-gcm v0.10.3...