OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2025-12-29 15:56:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,473 Commits 1 Branch 0 Tags
4b4a4d8d887ee85b5909c8a418f21d1cbfd7df87
Commit Graph

1473 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
github-actions[bot]
4b4a4d8d88 Assigned RUSTSEC-2021-0104 to pleaser (#1029) 
Co-authored-by: alex <alex@users.noreply.github.com>
 2021-09-09 17:51:08 -04:00
Jon Moroney
951070000d Add rustsec advisory for GHSA-f3fg-5j9p-vchc (#1020) 2021-09-09 17:49:39 -04:00
github-actions[bot]
8e5d566ef0 Assigned RUSTSEC-2021-0103 to molecule (#1028) 
Co-authored-by: alex <alex@users.noreply.github.com>
 2021-09-09 17:49:20 -04:00
Jon Moroney
9a81b244aa Add rustsec advisory for GHSA-82hm-vh7g-hrh9 (#1021) 2021-09-09 17:48:07 -04:00
github-actions[bot]
9dbe26271a Assigned RUSTSEC-2021-0102 to pleaser (#1027) 
Co-authored-by: alex <alex@users.noreply.github.com>
 2021-09-09 17:47:42 -04:00
Jon Moroney
841ecbf1b2 Add rustsec advisory for GHSA-pp74-39w2-v4w9 (#1016) 2021-09-09 17:45:16 -04:00
github-actions[bot]
b59e06ec22 Assigned RUSTSEC-2021-0101 to pleaser (#1026) 
Co-authored-by: alex <alex@users.noreply.github.com>
 2021-09-09 17:38:52 -04:00
Jon Moroney
27820b701d Add rustsec advisory for GHSA-vc5p-j8vw-mc6x (#1014) 2021-09-09 17:36:33 -04:00
github-actions[bot]
3e31699c08 Assigned RUSTSEC-2021-0100 to sha2 (#1013) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-09-09 10:22:48 -06:00
Tony Arcieri
4744ee629e Add sha2 v0.9.7 AVX2 bug (#1012) 2021-09-09 10:14:52 -06:00
github-actions[bot]
138fb15795 Assigned RUSTSEC-2021-0099 to cosmos_sdk (#1011) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-08-25 08:54:10 -06:00
Tony Arcieri
0f2bc2d6ee Add unmaintained crate advisory for cosmos_sdk (#1010) 
It has been renamed to `cosmrs`:

https://github.com/cosmos/cosmos-rust/tree/main/cosmrs
 2021-08-25 08:47:17 -06:00
github-actions[bot]
1be9534293 Assigned RUSTSEC-2021-0098 to openssl-src (#1009) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2021-08-24 17:53:35 +02:00
Alexis Mousset
10b6f1e350 add cve-2021-3712 for openssl-src (#1007) 2021-08-24 17:52:03 +02:00
github-actions[bot]
ceea398762 Assigned RUSTSEC-2021-0097 to openssl-src (#1008) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-08-24 09:37:57 -06:00
Alexis Mousset
100b12d997 add cve-2021-3711 for openssl-src (#1006) 2021-08-24 09:36:20 -06:00
github-actions[bot]
9f1d4c902c Assigned RUSTSEC-2021-0096 to spirv_headers (#1005) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-08-23 08:34:15 -06:00
Jasper Bekkers
2f117ce3f1 spirv_headers is deprecated (#982) 
* spirv_headers is deprecated

* Update crates/spirv_headers/RUSTSEC-0000-0000

Co-authored-by: Tony Arcieri <bascule@gmail.com>

* Rename RUSTSEC-0000-0000 to RUSTSEC-0000-0000.md

Co-authored-by: Tony Arcieri <bascule@gmail.com>
 2021-08-23 08:17:39 -06:00
Marijn Suijten
d711272311 ash: RUSTSEC-2021-0090 has been patched in 0.33.1 (#1004) 
https://github.com/MaikKlein/ash/issues/354 was fixed in https://github.com/MaikKlein/ash/pull/470.
 2021-08-23 15:04:28 +03:00
Sergey "Shnatsel" Davidoff
45f9665f13 Fix CVE alias CVE-2020-35920 (#1003) 
* drop wrong alias in net2 advisory

* add CVE-2020-35920 alias to the proper crate
 2021-08-23 13:51:39 +03:00
Niklas Fiekas
101d914e04 RUSTSEC-2021-0089 has been patched in raw-cpuid 9.1.1 (#1002) 2021-08-22 12:43:52 +03:00
github-actions[bot]
b6a20c1ba3 Assigned RUSTSEC-2021-0095 to mopa (#1001) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-08-21 19:48:14 -06:00
kotauskas
59cdbf2173 mopa is technically unsound (#927) 
* Added the mopa vulnerability

* Update crates/mopa/RUSTSEC-0000-0000.md

Co-authored-by: Tony Arcieri <bascule@gmail.com>
 2021-08-21 19:46:55 -06:00
github-actions[bot]
4b01805939 Assigned RUSTSEC-2021-0094 to rdiff (#1000) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-08-21 19:46:40 -06:00
Ammar Askar
89842247a4 Add advisory for out-of-bounds read in rdiff (#862) 
* Add advisory for out-of-bounds read in rdiff

* Update crates/rdiff/RUSTSEC-0000-0000.md

Co-authored-by: Tony Arcieri <bascule@gmail.com>
 2021-08-21 19:44:58 -06:00
github-actions[bot]
14af874fad Assigned RUSTSEC-2021-0093 to crossbeam-deque (#999) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-08-21 19:44:22 -06:00
Taiki Endo
670b28875f Add advisory for data race in crossbeam-deque (#970) 2021-08-21 19:43:00 -06:00
github-actions[bot]
8d3e99a38a Assigned RUSTSEC-2021-0092 to messagepack-rs (#998) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-08-21 19:41:04 -06:00
Ammar Askar
460ac8be0d Add advisory for uninitialized exposure in messagepack-rs (#835) 2021-08-21 19:39:40 -06:00
github-actions[bot]
cf6f9d252e Assigned RUSTSEC-2021-0091 to gfx-auxil (#997) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-08-21 19:39:27 -06:00
Youngsuk Kim
22325889a4 gfx-auxil: Read on uninitialized buffer may cause UB ( gfx_auxil::read_spirv() ) (#681) 
* Report 0101-gfx-auxil to RustSec

* add 'informational = unsound'
 2021-08-21 19:38:06 -06:00
github-actions[bot]
2645debec2 Assigned RUSTSEC-2021-0090 to ash (#996) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-08-21 19:37:52 -06:00
Youngsuk Kim
690cf95635 ash: Reading on uninitialized memory may cause UB ( util::read_spv() ) (#680) 
* Report 0098-ash to RustSec

* Add 'informational = unsound'
 2021-08-21 19:36:30 -06:00
github-actions[bot]
7bf5619877 Assigned RUSTSEC-2021-0089 to raw-cpuid (#995) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-08-21 19:36:17 -06:00
Niklas Fiekas
7d12d9524b raw-cpuid: Optional Deserialize implementations lacking validation (#671) 2021-08-21 19:34:59 -06:00
github-actions[bot]
e6e533abfa Assigned RUSTSEC-2021-0088 to csv-sniffer (#994) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-08-21 19:34:42 -06:00
Youngsuk Kim
2e4cdf36d0 csv-sniffer: reading on uninitialized memory may cause undefined behavior (#666) 
* Report 0092-csv-sniffer to RustSec

* informational = "unsound"
 2021-08-21 19:33:07 -06:00
github-actions[bot]
ec590b08b7 Assigned RUSTSEC-2020-0155 to acc_reader (#993) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-08-21 19:32:53 -06:00
Youngsuk Kim
25838dcf1d acc_reader: API Soundness issue in fill_buf() and read_up_to() (#664) 
* Report 0079-acc_reader to RustSec

* informational = "unsound"
 2021-08-21 19:30:45 -06:00
github-actions[bot]
03144b1978 Assigned RUSTSEC-2020-0154 to buffoon (#992) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-08-21 19:30:23 -06:00
Youngsuk Kim
09e0afc373 buffoon: InputStream::read_exact : Reading into an uninitialized buffer may cause UB (#663) 
* Report 0081-buffoon to RustSec

* informational = "unsound"
 2021-08-21 19:28:07 -06:00
github-actions[bot]
06d14ff7f7 Assigned RUSTSEC-2021-0087 to columnar (#991) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-08-21 19:27:48 -06:00
Youngsuk Kim
72e61b6d12 columnar: Reading on uninitialized buffer may cause UB (#662) 
* Report 0102-columnar to RustSec

* informational = "unsound"
 2021-08-21 19:25:59 -06:00
github-actions[bot]
4a51eedb08 Assigned RUSTSEC-2021-0086 to flumedb (#990) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-08-21 19:25:44 -06:00
Youngsuk Kim
c487b0ceea flumedb: Reading on uninitialized buffer may cause UB ( read_entry() ) (#661) 
* Report 0100-flumedb to RustSec

* informational = "unsound"
 2021-08-21 19:23:49 -06:00
github-actions[bot]
383c6359f5 Assigned RUSTSEC-2021-0085 to binjs_io (#989) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-08-21 19:23:35 -06:00
Youngsuk Kim
9e4db05abc binjs_io: 'Read' on uninitialized memory may cause UB (#660) 
* Report 0088-binjs_io to RustSec

* informational = "unsound"
 2021-08-21 19:20:15 -06:00
github-actions[bot]
9039912764 Assigned RUSTSEC-2021-0084 to bronzedb-protocol (#988) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-08-21 19:20:01 -06:00
Youngsuk Kim
10843f8372 bronzedb-protocol: Read on uninitialized buffer can cause UB (impl of ReadKVExt) (#659) 
* Report 0087-bronzedb-protocol to RustSec

* informational = "unsound"
 2021-08-21 19:18:33 -06:00
Alexis Mousset
e9382c8680 Fix typos in advisories (#976) 2021-08-21 19:18:11 -06:00