1141 matches found
Undefined behavior in index_of_ptr with empty slices
The safe function indexofptr causes undefined behavior when called with an empty slice. The issue occurs in the line ptr.addslice.len - 1 which underflows when slice.len is 0, creating a pointer with a massive offset. According to Rust's safety rules, creating such a pointer causes immediate...
`unic-ucd-ident` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icuproperties - unicode-ident...
`unic-char-basics` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained...
Heap-buffer-overflow in nftnl::Batch::with_page_size (nftnl-rs)
A heap-buffer-overflow vulnerability exists in the Rust wrapper for libnftnl, triggered via the nftnl::Batch::withpagesize constructor. When a small or malformed page size is provided, the underlying C code allocates an insufficient buffer, leading to out-of-bounds writes during batch...
`unic-ucd-case` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icuproperties...
`unic-ucd-bidi` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icuproperties...
`unic-emoji` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icuproperties...
`unic-ucd-hangul` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icunormalizer - unicode-normalization...
Segmentation fault and invalid memory read in `mnl::cb_run`
The function mnl::cbrun is marked as safe but exhibits unsound behavior when processing malformed Netlink message buffers. Passing a crafted byte slice to mnl::cbrun can trigger memory violations. The function does not sufficiently validate the input buffer structure before processing, leading to...
`unic-idna-punycode` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - idna...
`unic-ucd-name_aliases` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained...
`unic-utils` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained...
`unic-ucd-block` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained...
`unic-ucd-name` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained...
`unic-ucd-normal` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icunormalizer...
`unic-idna` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - idna...
`unic-char` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icuproperties...
`unic-ucd-age` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained...
`unic-idna-mapping` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - idna...
`unic-ucd` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icuproperties...
`unic-ucd-version` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained...
`unic-bidi` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - unicode-bidi...
`unic-common` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained...
`unic-segment` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icusegmenter - unicode-segmentation...
`unic-char-range` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - Since version 1.45.0 Rust supports using char with ops::Range, RangeFrom, RangeFull, RangeInclusive, RangeTo to iterate over a range of codepoints...
`unic-normal` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icunormalizer - unicode-normalization...
`unic` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icu - idna - unicode-bidi...
`unic-ucd-common` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icuproperties...
`unic-ucd-core` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained...
`unic-emoji-char` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icuproperties...
`unic-ucd-segment` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icuproperties...
`unic-ucd-category` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icuproperties...
`unic-char-property` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained. Recommended alternatives - icuproperties...
`unic-cli` is unmaintained
All Unicode crates that are part of https://github.com/open-i18n/rust-unic are unmaintained...
DoS vulnerability on `alloy_dyn_abi::TypedData` hashing
An uncaught panic triggered by malformed input to alloydynabi::TypedData could lead to a denial-of-service DoS via eip712signinghash. Software with high availability requirements such as network services may be particularly impacted. If in use, external auto-restarting mechanisms can partially...
soundness issue and unmaintained
All functions under wrflib::byteextract are simply wrapper of unsafe pointer offset and lacks sufficient checks to it pointer and offset parameter. wrflib is unmaintained...
Incorrect handling of embedded SVG and MathML leads to mutation XSS after removal
Affected versions of this crate did not correctly strip namespace-incompatible tags in certain situations, causing it to incorrectly account for differences between HTML, SVG, and MathML. This vulnerability only has an effect when the svg or math tag is allowed, because it relies on a tag being...
Pingora MadeYouReset HTTP/2 vulnerability
Pingora deployments using versions prior to 0.6.0 that include HTTP/2 server support may be affected by the vulnerability described in CVE-2025-8671. Under certain conditions, Pingora applications may allocate buffers before the HTTP/2 reset and resulting stream cancellation is processed by the...
`daemonize` is Unmaintained
There hasn't been any activity happening for this crate since June 3, 2023. No interactions on pull requests. Issues are disabled for the repo. Oldest PR sitting around without any interaction from the maintainer: knsd/daemonize50 On February 14, 2024, a PR was made to correct some UB. Efforts to...
`libyml::string::yaml_string_extend` is unsound and unmaintained
In version 0.0.4, libyml::string::yamlstringextend was revised resulting in undefined behaviour, which is unsound. The GitHub project for libyml was archived after unsoundness issues were raised. If you rely on this crate, it is highly recommended switching to a maintained alternative. Recommende...
serde_yml crate is unsound and unmaintained
Using serdeyml::ser::Serializer.emitter can cause a segmentation fault, which is unsound. The GitHub project for serdeyml was archived after unsoundness issues were raised. If you rely on this crate, it is highly recommended switching to a maintained alternative. Recommended alternatives -...
matrix-sdk-base: Panic in the `RoomMember::normalized_power_level()` method
In matrix-sdk-base before 0.14.1, calling the RoomMember::normalizedpowerlevel method can cause a panic if a room member has a power level of Int::Min...
matrix-sdk-base: Panic in the `RoomMember::normalized_power_level()` method
In matrix-sdk-base before 0.14.1, calling the RoomMember::normalizedpowerlevel method can cause a panic if a room member has a power level of Int::Min...
The `google-apis-rs` project is now unmaintained
Instead, please start using and migrate to the official Google Rust bindings...
iron crate is unmaintained
The iron crate is no longer actively maintained. If you rely on this crate, consider switching to a maintained alternative. Recommended alternatives See this comparison for popular alternatives...
crypto-hash crate is unmaintained
The crypto-hash crate is no longer actively maintained. If you rely on this crate, consider switching to a maintained alternative. Recommended alternatives - crypto-hashes...
servo-fontconfig crate is unmaintained
The servo-fontconfig crate is no longer actively maintained. If you rely on this crate, consider switching to a maintained alternative. Recommended alternatives - fontconfig-rs...
custom_derive crate is unmaintained
The customderive crate is no longer actively maintained. If you rely on this crate, consider switching to a maintained alternative. Recommended alternatives - strum - macro-attr...
fxhash - no longer maintained
The fxhash crate is no longer maintained. The repository is stale and owner is no longer active on GitHub. Please take a look at rustc-hash instead...
adler crate is unmaintained, use adler2 instead
The adler crate is no longer actively maintained. If you rely on this crate, consider switching to a maintained alternative. Recommended alternatives - adler2...