OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2025-12-29 15:56:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,297 Commits 1 Branch 0 Tags
212746804243b1ae505e319bc5382c35c1d350ec
Commit Graph

1297 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Shnatsel
2127468042 Assigned RUSTSEC-2020-0149 to appendix, RUSTSEC-2021-0049 to through 2021-03-30 02:24:36 +00:00
Sergey "Shnatsel" Davidoff
542f10cf16 Merge pull request #850 from ammaraskar/through 
Report double-free in through crate
 2021-03-30 04:23:56 +02:00
Sergey "Shnatsel" Davidoff
ce9e6f4187 Merge pull request #852 from RustSec/assign-ids 
Assigned RUSTSEC-2021-0048 to stackvector
 2021-03-30 04:23:13 +02:00
Sergey "Shnatsel" Davidoff
3e5e0df85c Merge pull request #848 from ammaraskar/appendix 
Report data race and memory safety issue in appendix
 2021-03-30 04:23:03 +02:00
Shnatsel
508a2af02c Assigned RUSTSEC-2021-0048 to stackvector 2021-03-30 02:22:34 +00:00
Sergey "Shnatsel" Davidoff
2b53054c5f Merge pull request #847 from ammaraskar/stackvector 
Report out-of-bounds write in stackvec
 2021-03-30 04:21:45 +02:00
Sergey "Shnatsel" Davidoff
2010e5c53c Merge pull request #851 from RustSec/assign-ids 
Assigned RUSTSEC-2021-0047 to slice-deque
 2021-03-30 04:21:26 +02:00
Shnatsel
7eb0c5eb27 Assigned RUSTSEC-2021-0047 to slice-deque 2021-03-30 02:20:34 +00:00
Sergey "Shnatsel" Davidoff
e60d4aa2ad Merge pull request #846 from ammaraskar/slice-deque 
Report double-free in slice-deque
 2021-03-30 04:19:36 +02:00
Ammar Askar
7a48c26392 Report double-free in through crate 2021-03-29 13:10:43 -07:00
Ammar Askar
4b209813ab Report data race and memory safety issue in appendix 2021-03-29 11:15:24 -07:00
Ammar Askar
d93ffb22ef Report out-of-bounds write in stackvec 2021-03-29 09:47:23 -07:00
Ammar Askar
727cea2410 Report double-free in slice-deque 2021-03-29 08:57:15 -07:00
Sergey "Shnatsel" Davidoff
7794fa13c9 Merge pull request #845 from amousset/patch-2 
RUSTSEC-2021-0020 is fixed in hyper 0.12.36 too
 2021-03-29 14:20:42 +02:00
Alexis Mousset
b10d085c36 RUSTSEC-2021-0020 is fixed in hyper 0.12.36 too 
See https://github.com/hyperium/hyper/blob/0.12.x/CHANGELOG.md#v01236-2021-02-17

Fix was backported to 0.12.x in https://github.com/hyperium/hyper/pull/2436 and released in 0.12.36.
 2021-03-29 13:59:27 +02:00
Sergey "Shnatsel" Davidoff
03c8e18b8e Merge pull request #844 from RustSec/assign-ids 
Assigned RUSTSEC-2021-0046 to telemetry
 2021-03-29 08:55:40 +02:00
Shnatsel
de97e74044 Assigned RUSTSEC-2021-0046 to telemetry 2021-03-29 06:55:04 +00:00
Sergey "Shnatsel" Davidoff
5f91ab66a3 Merge pull request #843 from ammaraskar/telemetry 
Report uninitialized memory drop on panic in telemetry
 2021-03-29 08:54:38 +02:00
Ammar Askar
e46aa5b08f Report uninitialized memory drop on panic in telemetry 2021-03-28 23:47:51 -07:00
Sergey "Shnatsel" Davidoff
f465e9183f Merge pull request #842 from RustSec/assign-ids 
Assigned RUSTSEC-2021-0045 to adtensor
 2021-03-29 08:34:35 +02:00
Shnatsel
14cf0de07c Assigned RUSTSEC-2021-0045 to adtensor 2021-03-29 06:34:28 +00:00
Sergey "Shnatsel" Davidoff
6b8dc890ce Merge pull request #841 from ammaraskar/adtensor 
Report uninitialized memory drop in adtensor
 2021-03-29 08:33:49 +02:00
Ammar Askar
4418b8d1a3 Report uninitialized memory drop in adtensor 2021-03-28 23:32:12 -07:00
Sergey "Shnatsel" Davidoff
47e6d36466 Merge pull request #840 from RustSec/assign-ids 
Assigned RUSTSEC-2020-0148 to cgc
 2021-03-26 20:16:27 +01:00
Shnatsel
36b0c9b40e Assigned RUSTSEC-2020-0148 to cgc 2021-03-26 19:11:23 +00:00
Sergey "Shnatsel" Davidoff
43c54feb9d Merge pull request #839 from ammaraskar/cgc 
Add advisory for multiple issues in cgc
 2021-03-26 20:10:17 +01:00
Ammar Askar
c8604c2616 Add advisory for multiple issues in cgc 2021-03-26 08:48:57 -07:00
github-actions[bot]
ca8a60b7be Assigned RUSTSEC-2021-0044 to rocket (#838) 
Co-authored-by: alex <alex@users.noreply.github.com>
 2021-03-26 10:23:59 -04:00
Ammar Askar
8f7af7c6c5 [patched] Add advisory for use-after-free in rocket (#834) 
* Add advisory for use-after-free in rocket

* Clarify that the UAF can only happen during or after unwinding
 2021-03-26 10:17:31 -04:00
github-actions[bot]
40e78f4922 Assigned RUSTSEC-2021-0043 to uu_od (#837) 
Co-authored-by: alex <alex@users.noreply.github.com>
 2021-03-26 09:07:17 -04:00
Ammar Askar
6265d0dc36 Add advisory for uninitialized exposure in uu_od (#836) 2021-03-26 09:05:12 -04:00
Sergey "Shnatsel" Davidoff
cc8f4f0615 Merge pull request #833 from RustSec/assign-ids 
Assigned RUSTSEC-2021-0042 to insert_many
 2021-03-26 07:44:58 +01:00
Shnatsel
996a3eca3b Assigned RUSTSEC-2021-0042 to insert_many 2021-03-26 06:43:47 +00:00
Sergey "Shnatsel" Davidoff
a1aa708b13 Merge pull request #832 from ammaraskar/insert_many 
Add advisory for double-free in insert_many
 2021-03-26 07:43:21 +01:00
Ammar Askar
c742f10bbd Add advisory for double-free in insert_many 2021-03-25 22:57:00 -07:00
github-actions[bot]
3ddeb5c6cf Assigned RUSTSEC-2021-0041 to parse_duration (#829) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-03-24 21:45:20 -07:00
Disconnect3d
3864def6bf parse_duration: parse DoS through payloads with big exponent (#827) 2021-03-24 21:43:09 -07:00
Yechan Bae
cda5b3ffd4 Update CVE numbers (#828) 2021-03-19 14:21:58 -07:00
Tony Arcieri
f960a50364 Have master-to-main mirror force push (#822) 
Not sure quote what the problem is, but it's erroring:
https://github.com/RustSec/advisory-db/runs/2051631730?check_suite_focus=true
 2021-03-07 10:44:24 -08:00
Tony Arcieri
7b10b2e7a1 Fix main -> master mirroring (#821) 2021-03-07 10:39:38 -08:00
Tony Arcieri
2c43b7001e Rename master branch to main (#820) 
Per #312
 2021-03-07 10:29:41 -08:00
Tony Arcieri
ad84df90d7 Mirror 'main' branch to 'master' (#819) 
The 'master' branch has been renamed to 'main' per:

https://github.com/RustSec/advisory-db/issues/312

However older clients are still consuming the 'master' branch.

This commit adds a GitHub Actions job which mirrors the 'main' branch to
'master' to continue supporting these older clients.
 2021-03-07 10:18:34 -08:00
Tony Arcieri
0487b3fc94 README.md: fix "Report Vulnerability" button (#818) 2021-03-07 09:40:34 -08:00
Sergey "Shnatsel" Davidoff
e391658d24 Merge pull request #817 from RustSec/assign-ids 
Assigned RUSTSEC-2021-0040 to arenavec
 2021-03-07 16:10:25 +01:00
Shnatsel
0bc081bb02 Assigned RUSTSEC-2021-0040 to arenavec 2021-03-07 15:10:05 +00:00
Sergey "Shnatsel" Davidoff
bcdb169985 Merge pull request #815 from JOE1994/0109-arenavec 
arenavec: potential double drop or uninitialized memory drop upon panic
 2021-03-07 16:09:38 +01:00
Sergey "Shnatsel" Davidoff
caf713f271 Merge pull request #816 from RustSec/assign-ids 
Assigned RUSTSEC-2021-0039 to endian_trait
 2021-03-07 16:09:17 +01:00
Shnatsel
f2f59e4ec9 Assigned RUSTSEC-2021-0039 to endian_trait 2021-03-07 15:08:31 +00:00
Sergey "Shnatsel" Davidoff
93a881f6fc Merge pull request #814 from JOE1994/0090-endian_trait 
endian_trait: panic in user-provided `Endian` impl triggers double drop of T
 2021-03-07 16:08:04 +01:00
Youngsuk Kim
c2248b0eef arenavec: update advisory title to clarify issue 2021-03-07 09:21:06 -05:00