Update CVE numbers (#542)

crates/actix-codec/RUSTSEC-2020-0049.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0049"
 package = "actix-codec"
+aliases = ["CVE-2020-35902"]
 categories = ["memory-corruption"]
 date = "2020-01-30"
 url = "https://github.com/actix/actix-net/issues/91"

crates/actix-http/RUSTSEC-2020-0048.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0048"
 package = "actix-http"
+aliases = ["CVE-2020-35901"]
 categories = ["memory-corruption"]
 date = "2020-01-24"
 url = "https://github.com/actix/actix-web/issues/1321"

crates/actix-service/RUSTSEC-2020-0046.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0046"
 package = "actix-service"
+aliases = ["CVE-2020-35899"]
 categories = ["memory-corruption"]
 date = "2020-01-08"
 informational = "unsound"

crates/actix-utils/RUSTSEC-2020-0045.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0045"
 package = "actix-utils"
+aliases = ["CVE-2020-35898"]
 categories = ["memory-corruption"]
 date = "2020-01-08"
 informational = "unsound"

crates/alpm-rs/RUSTSEC-2020-0032.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0032"
 package = "alpm-rs"
+aliases = ["CVE-2020-35885"]
 date = "2020-08-20"
 informational = "unsound"
 url = "https://github.com/pigeonhands/rust-arch/issues/2"

crates/arr/RUSTSEC-2020-0034.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0034"
 package = "arr"
+aliases = ["CVE-2020-35886", "CVE-2020-35887", "CVE-2020-35888"]
 date = "2020-08-25"
 url = "https://github.com/sjep/array/issues/1"
 

crates/array-queue/RUSTSEC-2020-0047.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0047"
 package = "array-queue"
+aliases = ["CVE-2020-35900"]
 date = "2020-09-26"
 keywords = ["memory-corruption", "uninitialized-memory", "use-after-free"]
 url = "https://github.com/raviqqe/array-queue/issues/2"

crates/atom/RUSTSEC-2020-0044.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0044"
 package = "atom"
+aliases = ["CVE-2020-35897"]
 date = "2020-09-21"
 informational = "unsound"
 url = "https://github.com/slide-rs/atom/issues/13"

crates/bigint/RUSTSEC-2020-0025.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0025"
 package = "bigint"
+aliases = ["CVE-2020-35880"]
 date = "2020-05-07"
 informational = "unmaintained"
 url = "https://github.com/paritytech/bigint/commit/7e71521a61b009afc94c91135353102658550d42"

crates/bitvec/RUSTSEC-2020-0007.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0007"
 package = "bitvec"
+aliases = ["CVE-2020-35862"]
 categories = ["memory-corruption"]
 date = "2020-03-27"
 url = "https://github.com/myrrlyn/bitvec/issues/55"

crates/branca/RUSTSEC-2020-0075.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0075"
 package = "branca"
+aliases = ["CVE-2020-35918"]
 date = "2020-11-29"
 url = "https://github.com/return/branca/issues/24"
 categories = ["denial-of-service"]

crates/bumpalo/RUSTSEC-2020-0006.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0006"
 package = "bumpalo"
+aliases = ["CVE-2020-35861"]
 categories = ["memory-exposure"]
 date = "2020-03-24"
 url = "https://github.com/fitzgen/bumpalo/issues/69"

crates/cbox/RUSTSEC-2020-0005.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0005"
 package = "cbox"
+aliases = ["CVE-2020-35860"]
 categories = ["memory-corruption"]
 date = "2020-03-19"
 url = "https://github.com/TomBebbington/cbox-rs/issues/2"

crates/chacha20/RUSTSEC-2019-0029.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2019-0029"
 package = "chacha20"
+aliases = ["CVE-2019-25005"]
 categories = ["crypto-failure"]
 date = "2019-10-22"
 url = "https://github.com/RustCrypto/stream-ciphers/pull/64"

crates/concread/RUSTSEC-2020-0092.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0092"
 package = "concread"
+aliases = ["CVE-2020-35928"]
 date = "2020-11-13"
 url = "https://github.com/kanidm/concread/issues/48"
 informational = "unsound"

crates/crayon/RUSTSEC-2020-0037.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0037"
 package = "crayon"
+aliases = ["CVE-2020-35889"]
 date = "2020-08-31"
 informational = "unsound"
 url = "https://github.com/shawnscode/crayon/issues/87"

crates/crossbeam-channel/RUSTSEC-2020-0052.md

@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0052"
 package = "crossbeam-channel"
-aliases = ["CVE-2020-15254", "GHSA-v5m7-53cv-f3hx"]
+aliases = ["CVE-2020-35904", "CVE-2020-15254", "GHSA-v5m7-53cv-f3hx"]
 categories = ["memory-corruption"]
 date = "2020-06-26"
 url = "https://github.com/crossbeam-rs/crossbeam/pull/533"

crates/dync/RUSTSEC-2020-0050.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0050"
 package = "dync"
+aliases = ["CVE-2020-35903"]
 date = "2020-09-27"
 informational = "unsound"
 url = "https://github.com/elrnv/dync/issues/4"

crates/failure/RUSTSEC-2019-0036.md

@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2019-0036"
 package = "failure"
-aliases = ["CVE-2020-25575"]
+aliases = ["CVE-2020-25575", "CVE-2019-25010"]
 date = "2019-11-13"
 informational = "unsound"
 keywords = ["unsound"]

crates/flatbuffers/RUSTSEC-2019-0028.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2019-0028"
 package = "flatbuffers"
+aliases = ["CVE-2019-25004"]
 date = "2019-10-20"
 url = "https://github.com/google/flatbuffers/issues/5530"
 

crates/flatbuffers/RUSTSEC-2020-0009.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0009"
 package = "flatbuffers"
+aliases = ["CVE-2020-35864"]
 date = "2020-04-11"
 url = "https://github.com/google/flatbuffers/issues/5825"
 

crates/futures-intrusive/RUSTSEC-2020-0072.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0072"
 package = "futures-intrusive"
+aliases = ["CVE-2020-35915"]
 date = "2020-10-31"
 url = "https://github.com/Matthias247/futures-intrusive/issues/53"
 categories = ["memory-corruption"]

crates/futures-task/RUSTSEC-2020-0060.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0060"
 package = "futures-task"
+aliases = ["CVE-2020-35906"]
 date = "2020-09-04"
 url = "https://github.com/rust-lang/futures-rs/pull/2206"
 categories = ["code-execution", "memory-corruption"]

crates/futures-task/RUSTSEC-2020-0061.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0061"
 package = "futures-task"
+aliases = ["CVE-2020-35907"]
 date = "2020-05-03"
 url = "https://github.com/rust-lang/futures-rs/issues/2091"
 categories = ["denial-of-service"]

crates/futures-util/RUSTSEC-2020-0059.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0059"
 package = "futures-util"
+aliases = ["CVE-2020-35905"]
 date = "2020-10-22"
 url = "https://github.com/rust-lang/futures-rs/issues/2239"
 categories = ["memory-corruption"]

crates/futures-util/RUSTSEC-2020-0062.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0062"
 package = "futures-util"
+aliases = ["CVE-2020-35908"]
 date = "2020-01-24"
 url = "https://github.com/rust-lang/futures-rs/issues/2050"
 categories = ["memory-corruption"]

crates/http/RUSTSEC-2019-0033.md

@@ -2,7 +2,7 @@
 [advisory]
 id = "RUSTSEC-2019-0033"
 package = "http"
-aliases = ["CVE-2020-25574"]
+aliases = ["CVE-2020-25574", "CVE-2019-25008"]
 categories = ["denial-of-service"]
 date = "2019-11-16"
 keywords = ["http", "integer-overflow", "DoS"]

crates/http/RUSTSEC-2019-0034.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2019-0034"
 package = "http"
+aliases = ["CVE-2020-25009"]
 categories = ["memory-corruption"]
 date = "2019-11-16"
 keywords = ["memory-safety", "double-free", "unsound"]

crates/hyper/RUSTSEC-2020-0008.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0008"
 package = "hyper"
+aliases = ["CVE-2020-35863"]
 categories = ["format-injection"]
 date = "2020-03-19"
 keywords = ["http", "request-smuggling"]

crates/image/RUSTSEC-2020-0073.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0073"
 package = "image"
+aliases = ["CVE-2020-35916"]
 date = "2020-11-12"
 url = "https://github.com/image-rs/image/issues/1357"
 informational = "unsound"

crates/internment/RUSTSEC-2020-0017.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0017"
 package = "internment"
+aliases = ["CVE-2020-35874"]
 categories = ["memory-corruption"]
 date = "2020-05-28"
 url = "https://github.com/droundy/internment/issues/11"

crates/libsecp256k1/RUSTSEC-2019-0027.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2019-0027"
 package = "libsecp256k1"
+aliases = ["CVE-2019-25003"]
 categories = ["crypto-failure"]
 date = "2019-10-14"
 keywords = ["crypto", "sidechannel"]

crates/lock_api/RUSTSEC-2020-0070.md

@@ -2,6 +2,13 @@
 [advisory]
 id = "RUSTSEC-2020-0070"
 package = "lock_api"
+aliases = [
+    "CVE-2020-35910",
+    "CVE-2020-35911",
+    "CVE-2020-35912",
+    "CVE-2020-35913",
+    "CVE-2020-35914",
+]
 date = "2020-11-08"
 url = "https://github.com/Amanieu/parking_lot/pull/262"
 categories = ["memory-corruption"]

crates/lucet-runtime-internals/RUSTSEC-2020-0004.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0004"
 package = "lucet-runtime-internals"
+aliases = ["CVE-2020-35859"]
 categories = ["memory-corruption", "memory-exposure"]
 date = "2020-01-24"
 url = "https://github.com/bytecodealliance/lucet/pull/401"

crates/magnetic/RUSTSEC-2020-0088.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0088"
 package = "magnetic"
+aliases = ["CVE-2020-35925"]
 date = "2020-11-29"
 url = "https://github.com/johnshaw/magnetic/issues/9"
 

crates/mio/RUSTSEC-2020-0081.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0081"
 package = "mio"
+aliases = ["CVE-2020-35922"]
 date = "2020-11-02"
 url = "https://github.com/tokio-rs/mio/issues/1386"
 keywords = ["memory", "layout", "cast"]

crates/miow/RUSTSEC-2020-0080.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0080"
 package = "miow"
+aliases = ["CVE-2020-35921"]
 date = "2020-11-13"
 url = "https://github.com/yoshuawuyts/miow/issues/38"
 keywords = ["memory", "layout", "cast"]

crates/mozwire/RUSTSEC-2020-0030.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0030"
 package = "mozwire"
+aliases = ["CVE-2020-35883"]
 categories = []
 date = "2020-08-18"
 keywords = ["file-overwrite"]

crates/multihash/RUSTSEC-2020-0068.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0068"
 package = "multihash"
+aliases = ["CVE-2020-35909"]
 date = "2020-11-08"
 url = "https://github.com/multiformats/rust-multihash/pull/72"
 categories = ["denial-of-service"]

crates/nanorand/RUSTSEC-2020-0089.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0089"
 package = "nanorand"
+aliases = ["CVE-2020-35926"]
 date = "2020-12-09"
 url = "https://twitter.com/aspenluxxxy/status/1336684692284772352"
 categories = ["crypto-failure"]

crates/net2/RUSTSEC-2020-0078.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0078"
 package = "net2"
+aliases = ["CVE-2020-35920"]
 date = "2020-11-07"
 url = "https://github.com/deprecrated/net2-rs/issues/105"
 keywords = ["memory", "layout", "cast"]

crates/obstack/RUSTSEC-2020-0040.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0040"
 package = "obstack"
+aliases = ["CVE-2020-35894"]
 date = "2020-09-03"
 informational = "unsound"
 url = "https://github.com/petertodd/rust-obstack/issues/4"

crates/ordered-float/RUSTSEC-2020-0082.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0082"
 package = "ordered-float"
+aliases = ["CVE-2020-35923"]
 date = "2020-12-06"
 url = "https://github.com/reem/rust-ordered-float/pull/71"
 categories = []

crates/ordnung/RUSTSEC-2020-0038.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0038"
 package = "ordnung"
+aliases = ["CVE-2020-35890", "CVE-2020-35891"]
 date = "2020-09-03"
 url = "https://github.com/maciejhirsz/ordnung/issues/8"
 

crates/os_str_bytes/RUSTSEC-2020-0012.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0012"
 package = "os_str_bytes"
+aliases = ["CVE-2020-35865"]
 date = "2020-04-24"
 url = "https://github.com/dylni/os_str_bytes/pull/1"
 

crates/ozone/RUSTSEC-2020-0022.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0022"
 package = "ozone"
+aliases = ["CVE-2020-35877", "CVE-2020-35878"]
 date = "2020-07-04"
 
 [versions]

crates/prost/RUSTSEC-2020-0002.md

@@ -4,6 +4,7 @@ categories = ["denial-of-service", "memory-corruption"]
 date = "2020-01-16"
 id = "RUSTSEC-2020-0002"
 package = "prost"
+aliases = ["CVE-2020-35858"]
 keywords = ["stack overflow"]
 url = "https://github.com/danburkert/prost/issues/267"
 

crates/pyo3/RUSTSEC-2020-0074.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0074"
 package = "pyo3"
+aliases = ["CVE-2020-35917"]
 date = "2020-11-28"
 url = "https://github.com/PyO3/pyo3/pull/1297"
 keywords = ["memory-corruption"]

crates/rio/RUSTSEC-2020-0021.md

@@ -4,6 +4,7 @@ categories = ["memory-corruption", "memory-exposure"]
 date = "2020-05-11"
 id = "RUSTSEC-2020-0021"
 package = "rio"
+aliases = ["CVE-2020-35876"]
 url = "https://github.com/spacejam/rio/issues/11"
 
 [versions]

crates/rocket/RUSTSEC-2020-0028.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0028"
 package = "rocket"
+aliases = ["CVE-2020-35882"]
 date = "2020-05-27"
 informational = "unsound"
 url = "https://github.com/SergioBenitez/Rocket/issues/1312"

crates/rulinalg/RUSTSEC-2020-0023.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0023"
 package = "rulinalg"
+aliases = ["CVE-2020-35879"]
 date = "2020-02-11"
 url = "https://github.com/AtheMathmo/rulinalg/issues/201"
 

crates/rusqlite/RUSTSEC-2020-0014.md

@@ -2,6 +2,16 @@
 [advisory]
 id = "RUSTSEC-2020-0014"
 package = "rusqlite"
+aliases = [
+    "CVE-2020-35866",
+    "CVE-2020-35867",
+    "CVE-2020-35868",
+    "CVE-2020-35869",
+    "CVE-2020-35870",
+    "CVE-2020-35871",
+    "CVE-2020-35872",
+    "CVE-2020-35873",
+]
 date = "2020-04-23"
 url = "https://github.com/rusqlite/rusqlite/releases/tag/0.23.0"
 

crates/serde_cbor/RUSTSEC-2019-0025.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2019-0025"
 package = "serde_cbor"
+aliases = ["CVE-2019-25001"]
 categories = ["crypto-failure"]
 date = "2019-10-03"
 keywords = ["stack-overflow", "crash", "denial-of-service"]

crates/simple-slab/RUSTSEC-2020-0039.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0039"
 package = "simple-slab"
+aliases = ["CVE-2020-35892", "CVE-2020-35893"]
 date = "2020-09-03"
 url = "https://github.com/nathansizemore/simple-slab/issues/2"
 

crates/sodiumoxide/RUSTSEC-2019-0026.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2019-0026"
 package = "sodiumoxide"
+aliases = ["CVE-2019-25002"]
 date = "2019-10-11"
 keywords = ["cryptography"]
 url = "https://github.com/sodiumoxide/sodiumoxide/pull/381"

crates/stack/RUSTSEC-2020-0042.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0042"
 package = "stack"
+aliases = ["CVE-2020-35895"]
 date = "2020-09-24"
 url = "https://github.com/arcnmx/stack-rs/issues/4"
 

crates/streebog/RUSTSEC-2019-0030.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2019-0030"
 package = "streebog"
+aliases = ["CVE-2020-25575", "CVE-2019-25006", "CVE-2019-25007"]
 categories = ["crypto-failure"]
 date = "2019-10-06"
 url = "https://github.com/RustCrypto/hashes/pull/91"

crates/thex/RUSTSEC-2020-0090.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0090"
 package = "thex"
+aliases = ["CVE-2020-35927"]
 date = "2020-12-08"
 categories = ["memory-corruption"]
 keywords = ["concurrency"]

crates/tiny_http/RUSTSEC-2020-0031.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0031"
 package = "tiny_http"
+aliases = ["CVE-2020-35884"]
 date = "2020-06-16"
 keywords = ["http", "request-smuggling"]
 url = "https://github.com/tiny-http/tiny-http/issues/173"

crates/tokio-rustls/RUSTSEC-2020-0019.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0019"
 package = "tokio-rustls"
+aliases = ["CVE-2020-35875"]
 categories = ["denial-of-service"]
 date = "2020-05-19"
 keywords = ["tls", "ssl", "DoS"]

crates/traitobject/RUSTSEC-2020-0027.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0027"
 package = "traitobject"
+aliases = ["CVE-2020-35881"]
 categories = ["memory-corruption"]
 date = "2020-06-01"
 informational = "unsound"

crates/trust-dns-server/RUSTSEC-2020-0001.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0001"
 package = "trust-dns-server"
+aliases = ["CVE-2020-35857"]
 categories = ["denial-of-service"]
 date = "2020-01-06"
 keywords = ["stack-overflow", "crash"]

crates/try-mutex/RUSTSEC-2020-0087.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0087"
 package = "try-mutex"
+aliases = ["CVE-2020-35924"]
 date = "2020-11-17"
 url = "https://github.com/mpdn/try-mutex/issues/2"
 

crates/ws/RUSTSEC-2020-0043.md

@@ -2,6 +2,7 @@
 [advisory]
 id = "RUSTSEC-2020-0043"
 package = "ws"
+aliases = ["CVE-2020-35896"]
 categories = ["denial-of-service"]
 date = "2020-09-25"
 keywords = ["websocket", "dos", "ddos", "oom", "memory", "remotely"]