advisory-db

mirror of https://github.com/OMGeeky/advisory-db.git synced 2025-12-29 07:46:22 +01:00

Author	SHA1	Message	Date
github-actions[bot]	4b01805939	Assigned RUSTSEC-2021-0094 to rdiff (#1000 ) Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>	2021-08-21 19:46:40 -06:00
Ammar Askar	89842247a4	Add advisory for out-of-bounds read in rdiff (#862 ) * Add advisory for out-of-bounds read in rdiff * Update crates/rdiff/RUSTSEC-0000-0000.md Co-authored-by: Tony Arcieri <bascule@gmail.com>	2021-08-21 19:44:58 -06:00
github-actions[bot]	14af874fad	Assigned RUSTSEC-2021-0093 to crossbeam-deque (#999 ) Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>	2021-08-21 19:44:22 -06:00
Taiki Endo	670b28875f	Add advisory for data race in crossbeam-deque (#970 )	2021-08-21 19:43:00 -06:00
github-actions[bot]	8d3e99a38a	Assigned RUSTSEC-2021-0092 to messagepack-rs (#998 ) Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>	2021-08-21 19:41:04 -06:00
Ammar Askar	460ac8be0d	Add advisory for uninitialized exposure in messagepack-rs (#835 )	2021-08-21 19:39:40 -06:00
github-actions[bot]	cf6f9d252e	Assigned RUSTSEC-2021-0091 to gfx-auxil (#997 ) Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>	2021-08-21 19:39:27 -06:00
Youngsuk Kim	22325889a4	gfx-auxil: `Read` on uninitialized buffer may cause UB ( `gfx_auxil::read_spirv()` ) (#681 ) * Report 0101-gfx-auxil to RustSec * add 'informational = unsound'	2021-08-21 19:38:06 -06:00
github-actions[bot]	2645debec2	Assigned RUSTSEC-2021-0090 to ash (#996 ) Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>	2021-08-21 19:37:52 -06:00
Youngsuk Kim	690cf95635	ash: Reading on uninitialized memory may cause UB ( `util::read_spv()` ) (#680 ) * Report 0098-ash to RustSec * Add 'informational = unsound'	2021-08-21 19:36:30 -06:00
github-actions[bot]	7bf5619877	Assigned RUSTSEC-2021-0089 to raw-cpuid (#995 ) Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>	2021-08-21 19:36:17 -06:00
Niklas Fiekas	7d12d9524b	raw-cpuid: Optional `Deserialize` implementations lacking validation (#671 )	2021-08-21 19:34:59 -06:00
github-actions[bot]	e6e533abfa	Assigned RUSTSEC-2021-0088 to csv-sniffer (#994 ) Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>	2021-08-21 19:34:42 -06:00
Youngsuk Kim	2e4cdf36d0	csv-sniffer: reading on uninitialized memory may cause undefined behavior (#666 ) * Report 0092-csv-sniffer to RustSec * informational = "unsound"	2021-08-21 19:33:07 -06:00
github-actions[bot]	ec590b08b7	Assigned RUSTSEC-2020-0155 to acc_reader (#993 ) Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>	2021-08-21 19:32:53 -06:00
Youngsuk Kim	25838dcf1d	acc_reader: API Soundness issue in `fill_buf()` and `read_up_to()` (#664 ) * Report 0079-acc_reader to RustSec * informational = "unsound"	2021-08-21 19:30:45 -06:00
github-actions[bot]	03144b1978	Assigned RUSTSEC-2020-0154 to buffoon (#992 ) Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>	2021-08-21 19:30:23 -06:00
Youngsuk Kim	09e0afc373	buffoon: InputStream::read_exact : Reading into an uninitialized buffer may cause UB (#663 ) * Report 0081-buffoon to RustSec * informational = "unsound"	2021-08-21 19:28:07 -06:00
github-actions[bot]	06d14ff7f7	Assigned RUSTSEC-2021-0087 to columnar (#991 ) Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>	2021-08-21 19:27:48 -06:00
Youngsuk Kim	72e61b6d12	columnar: Reading on uninitialized buffer may cause UB (#662 ) * Report 0102-columnar to RustSec * informational = "unsound"	2021-08-21 19:25:59 -06:00
github-actions[bot]	4a51eedb08	Assigned RUSTSEC-2021-0086 to flumedb (#990 ) Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>	2021-08-21 19:25:44 -06:00
Youngsuk Kim	c487b0ceea	flumedb: Reading on uninitialized buffer may cause UB ( `read_entry()` ) (#661 ) * Report 0100-flumedb to RustSec * informational = "unsound"	2021-08-21 19:23:49 -06:00
github-actions[bot]	383c6359f5	Assigned RUSTSEC-2021-0085 to binjs_io (#989 ) Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>	2021-08-21 19:23:35 -06:00
Youngsuk Kim	9e4db05abc	binjs_io: 'Read' on uninitialized memory may cause UB (#660 ) * Report 0088-binjs_io to RustSec * informational = "unsound"	2021-08-21 19:20:15 -06:00
github-actions[bot]	9039912764	Assigned RUSTSEC-2021-0084 to bronzedb-protocol (#988 ) Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>	2021-08-21 19:20:01 -06:00
Youngsuk Kim	10843f8372	bronzedb-protocol: `Read` on uninitialized buffer can cause UB (impl of `ReadKVExt`) (#659 ) * Report 0087-bronzedb-protocol to RustSec * informational = "unsound"	2021-08-21 19:18:33 -06:00
Alexis Mousset	e9382c8680	Fix typos in advisories (#976 )	2021-08-21 19:18:11 -06:00
github-actions[bot]	7765af95c4	Assigned RUSTSEC-2021-0083 to derive-com-impl (#987 ) Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>	2021-08-21 19:17:47 -06:00
apennamen	ef71611e6a	Add advisory for potential memory corruption in derive-com-impl (#649 )	2021-08-21 19:16:19 -06:00
github-actions[bot]	9c5df457e5	Assigned RUSTSEC-2020-0153 to bite (#986 ) Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>	2021-08-21 19:15:34 -06:00
Youngsuk Kim	b4b68c19bc	bite: Read on uninitialized memory (#593 ) * bite: Read on uninitialized memory * informational = "unsound"	2021-08-21 19:08:46 -06:00
github-actions[bot]	68d6f5afa9	Assigned RUSTSEC-2021-0082 to vec-const (#985 ) Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>	2021-08-21 19:08:23 -06:00
Ben Kimock	01c59cafdb	Report vec-const as unsound (#981 ) Co-authored-by: Tony Arcieri <bascule@gmail.com>	2021-08-21 19:07:03 -06:00
diwic	f20b53ca89	Patched release of reffers (#984 ) I'm not sure anyone uses this old crate but if they do, at least now they have a fixed version.	2021-08-21 12:38:49 +03:00
Sergey "Shnatsel" Davidoff	e0fda3fe9b	add CVE alias to RUSTSEC-2021-0081(actix-http) (#983 )	2021-08-17 22:07:01 +03:00
kpcyrd	67da87fc89	Update RUSTSEC-2021-0080 [affected] version (#980 )	2021-08-11 00:54:42 +03:00
Remi Rampin	01bad82da9	Add fix for RUSTSEC-2021-0080 (#979 )	2021-08-10 19:52:04 +03:00
github-actions[bot]	e692597283	Assigned RUSTSEC-2021-0081 to actix-http (#978 ) Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>	2021-08-10 12:12:52 +03:00
Rob Ede	7a42cb7e08	add advisory for actix-http HRS (#977 ) * add actix-http HRS * Update RUSTSEC-0000-0000.md * Update RUSTSEC-0000-0000.md * Adjust version ranges to make a hypothetical 4.0.0 patched * drop nonexistent category Co-authored-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>	2021-08-10 12:11:38 +03:00
ZSchoen	541c537a23	added specific affected functions to CVE-2021-29922 (#975 ) Co-authored-by: Tony Arcieri <bascule@gmail.com>	2021-08-09 05:15:56 -07:00
github-actions[bot]	ce76490feb	Assigned RUSTSEC-2021-0080 to tar (#974 ) Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>	2021-08-08 13:16:32 -07:00
kpcyrd	158cd653ca	Add directory traversal for tar (#965 ) Co-authored-by: Tony Arcieri <bascule@gmail.com>	2021-08-08 12:53:24 -07:00
github-actions[bot]	82ce1aa716	Assigned RUSTSEC-2021-0079 to hyper (#973 ) Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>	2021-08-08 12:41:08 -07:00
BlackHoleFox	3a5de9c7b5	Add advisory for hyper Transfer-Encoding header parsing (#968 )	2021-08-08 12:39:37 -07:00
github-actions[bot]	255194ae7a	Assigned RUSTSEC-2021-0078 to hyper (#972 ) Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>	2021-08-08 12:39:12 -07:00
BlackHoleFox	0148dead3a	Add advisory for hyper Content-Length header parsing (#967 )	2021-08-08 12:36:02 -07:00
ZSchoen	a81783c627	added CVE-2021-29922 (#971 )	2021-08-08 12:35:13 -07:00
github-actions[bot]	1db7602857	Assigned RUSTSEC-2021-0077 to better-macro (#969 ) Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>	2021-07-26 13:46:07 -07:00
Jeremy Fitzhardinge	8af7718d8f	better-macro has deliberate RCE in proc-macro (#966 ) It's "Proving A Point" in https://github.com/raycar5/better-macro/blob/master/doc/hi.md but there's no guarantee that this will remain benign (or is actually benign right now). The crate also has no useful functionality.	2021-07-26 13:39:47 -07:00
github-actions[bot]	e20838a4ff	Assigned RUSTSEC-2021-0076 to libsecp256k1 (#964 ) Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>	2021-07-13 15:47:59 +03:00

1 2 3 4 5 ...

1450 Commits