OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2025-12-30 16:24:05 +01:00
Code Issues Packages Projects Releases Wiki Activity
2,071 Commits 1 Branch 0 Tags
3338fcfb59cea5fcd7d2a4e7fe24cbc7cb778003
Commit Graph

19 Commits

Author SHA1 Message Date
Alexis Mousset
c2b1e4cab4 Update aliases from GHSA OSV export (#1727) 2023-07-08 14:30:19 +02:00
github-actions[bot]
29b04da119 Assigned RUSTSEC-2023-0044 to openssl (#1720) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2023-06-20 17:34:12 -04:00
Alex Gaynor
e8534eadc5 Report buffer-overread in OpenSSL (#1719) 
* Report buffer-overread in OpenSSL

* Rename RUSTSEC-0000-0000 to RUSTSEC-0000-0000.md
 2023-06-20 21:32:25 +00:00
Alexis Mousset
84c633df9c Update aliases from GHSA OSV export (#1693) 2023-06-13 15:10:24 +02:00
github-actions[bot]
cda37f498a Assigned RUSTSEC-2023-0024 to openssl (#1659) 
Co-authored-by: alex <alex@users.noreply.github.com>
 2023-03-23 22:55:44 -04:00
Paul Kehrer
be5a1c9d27 X509Extension::new and X509Extension::new_nid null ptr deref (#1658) 2023-03-23 22:55:14 -04:00
github-actions[bot]
221585e32d Assigned RUSTSEC-2023-0023 to openssl (#1657) 
Co-authored-by: alex <alex@users.noreply.github.com>
 2023-03-23 22:47:26 -04:00
Paul Kehrer
5a9bbcceed openssl SubjectAlternativeName and ExtendedKeyUsage::other allow arbitrary file read (#1656) 
* openssl file disclosure

* Update crates/openssl/RUSTSEC-0000-0000.md

Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>

---------

Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
 2023-03-23 22:46:37 -04:00
github-actions[bot]
f863caf8fd Assigned RUSTSEC-2023-0022 to openssl (#1655) 
Co-authored-by: alex <alex@users.noreply.github.com>
 2023-03-23 22:21:14 -04:00
Paul Kehrer
929acd512d openssl X509NameBuilder::build thread safety (#1654) 
* openssl X509NameBuilder::build thread safety

* Update crates/openssl/RUSTSEC-0000-0000.md

Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>

---------

Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
 2023-03-23 22:20:39 -04:00
Alexis Mousset
8c05fea5fa Add cvss information from nvd (#1085) 2021-10-19 16:14:35 -06:00
Tony Arcieri
ac125ee29a Translate database into V3 advisory format (#420) 
As proposed in #240 and tracked in #414, this PR translates all
advisories into the new "V3" advisory format, which is based on Markdown
with leading TOML front matter.

This format makes it easier to see rendered Markdown syntax
descriptions, whether rendered by an IDE or GitHub. This should help
with both crafting advisories initially as well as review, and ideally
encourages more lengthy descriptions.

Support for this format shipped in `cargo-audit` v0.12.0 on
May 6th, 2020.
 2020-10-01 18:29:11 -07:00
Sergey "Shnatsel" Davidoff
7797133c67 Add CVE mapping 2020-03-18 17:15:13 +01:00
Tony Arcieri
64c17acfe3 Migrate all advisories to V2 format (closes #228) 
As announced in #228, this commit migrates all advisories to the new V2
format, which splits version information into a separate section, and
now has a structure which corresponds to the internal code structure of
the `rustsec` crate.

This is a breaking change for users of `cargo-audit` < 0.9, and anyone
who has written a 3rd party advisory format parser.
 2020-03-01 10:46:35 -08:00
Tony Arcieri
ac8b248cfd Assign RUSTSEC-2018-0010 to openssl 
Original PR: https://github.com/RustSec/advisory-db/pull/77
 2018-12-16 10:08:17 -08:00
Alex Gaynor
dc704601c0 Request RUSTSEC for resolved UAF in OpenSSL 2018-12-10 19:48:20 -05:00
Tony Arcieri
2d9a2632a7 Keywords 
Documents the new `keywords` attribute and adds keywords to all current
advisories. These can be consumed by the web UI.
 2018-07-24 16:02:35 -07:00
Tony Arcieri
09e3a9eb76 Assign RUSTSEC-2016-0001 to openssl 
Original PR:

https://github.com/RustSec/advisory-db/pull/19
 2018-07-24 10:48:20 -07:00
Tony Arcieri
72a4178ca1 Advisory: openssl <0.9.0 may be vulnerable to MitM due to weak defaults 2018-07-24 10:47:29 -07:00