OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-17 17:07:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,360 Commits 1 Branch 0 Tags
a7ffa73f48dd6afff74f89184f2fb4fc828d4d9f
Commit Graph

846 Commits

Author SHA1 Message Date
Wei Tang
a7ffa73f48 Add security advisory for evm crate related to memory over-allocation (#909) 2021-05-11 23:23:09 +02:00
Sergey "Shnatsel" Davidoff
bd8a0f6700 Add patched version for kekbit RUSTSEC-2020-0129 (#908) 2021-05-10 10:49:18 +02:00
github-actions[bot]
5b4c4f4d16 Assigned RUSTSEC-2021-0065 to anymap (#907) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-05-07 17:26:35 -07:00
Erick Tryzelaar
658266f614 anymap is unmaintained (#906) 
It appears that the anymap has been abandoned, and the most recent
released version contains a soundness bug that has been fixed upstream,
but never published to crates.io
 2021-05-07 17:19:04 -07:00
github-actions[bot]
444f649224 Assigned RUSTSEC-2021-0064 to cpuid-bool (#905) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-05-06 16:45:32 -07:00
Tony Arcieri
01a4733782 Add unmaintained crate advisory for cpuid-bool (#904) 
It has been renamed to `cpufeatures`. See:

https://github.com/RustCrypto/utils/pull/381
 2021-05-06 16:41:05 -07:00
github-actions[bot]
9279d5f03b Assigned RUSTSEC-2021-0063 to comrak (#903) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2021-05-04 10:46:29 +02:00
Asherah Connor
e8a9c4346b Add advisory for another comrak XSS (#902) 
Thanks to Sam Sanoop (snoopysecurity) for reporting.

Signed-off-by: Asherah Connor <ashe@kivikakk.ee>
 2021-05-04 10:45:50 +02:00
Tony Arcieri
f26e762f20 aes* crates: add crate names to advisory titles (#901) 
The previous titles accidentally ommitted the crate names, making them
confusing during reporting.
 2021-05-03 18:28:43 -07:00
github-actions[bot]
106fe13cb4 Assigned RUSTSEC-2021-0062 to miscreant (#900) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-05-03 12:05:09 -07:00
Tony Arcieri
fe57ea233a Add unmaintained crate advisory for miscreant (#899) 2021-05-03 12:03:33 -07:00
github-actions[bot]
14077ced71 Assigned RUSTSEC-2021-0061 to aes-ctr (#898) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-05-03 11:33:31 -07:00
Tony Arcieri
acc093457e Add unmaintained crate advisory for aes-ctr (#897) 2021-05-03 11:31:13 -07:00
github-actions[bot]
50c50ed33a Assigned RUSTSEC-2021-0060 to aes-soft (#896) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-05-03 11:19:17 -07:00
Tony Arcieri
91df546267 Add unmaintained crate advisory for aes-soft (#895) 2021-05-03 11:17:47 -07:00
github-actions[bot]
55c7b80657 Assigned RUSTSEC-2021-0059 to aesni (#894) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-05-03 11:14:14 -07:00
Tony Arcieri
0d0acd8f42 Add unmaintained crate advisory for aesni (#893) 2021-05-03 11:13:16 -07:00
github-actions[bot]
c8f399d86d Assigned RUSTSEC-2021-0058 to openssl-src (#890) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2021-05-01 14:15:00 +02:00
Alexis Mousset
eed48b9a15 Add CVE-2021-23841 for openssl-src (#888) 2021-05-01 14:11:36 +02:00
github-actions[bot]
d2a673c64c Assigned RUSTSEC-2021-0057 to openssl-src (#889) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2021-05-01 14:09:23 +02:00
Alexis Mousset
35792564ac Add CVE-2021-23840 for openssl-src (#887) 2021-05-01 14:08:48 +02:00
github-actions[bot]
d824e5d5c0 Assigned RUSTSEC-2021-0056 to openssl-src (#886) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2021-05-01 10:50:50 +02:00
Alexis Mousset
ee38ef509c Add CVE-2021-3450 for openssl-src (#883) 2021-05-01 10:32:22 +02:00
github-actions[bot]
e4e343b7b0 Assigned RUSTSEC-2021-0055 to openssl-src (#884) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2021-05-01 10:32:12 +02:00
Alexis Mousset
43778319e4 Add CVE-2021-3449 for openssl-src (#882) 2021-05-01 10:30:25 +02:00
github-actions[bot]
db03320a5d Assigned RUSTSEC-2021-0054 to rkyv (#878) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2021-04-29 11:54:36 +02:00
David Koloski
7086fa22a3 Report rkyv vulnerability (issue rkyv#113) (#877) 
* Report rkyv vulnerability (issue rkyv#113)

* fix category

Co-authored-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
 2021-04-29 10:40:04 +02:00
Pablo Sichert
5b3dcb83b4 Yank advisories for once-again maintained dirs/directories crates (#876) 2021-04-19 09:31:05 -07:00
Richard Bradfield
60455ec8b1 Mark patched tiny-http version for 2020-0031 (#875) 
* Mark patched tiny-http version for 2020-0031

A backport of the fix for 2020-0031 has been applied to the 0.6.x
branch, starting at 0.6.3, subsequent 0.6 versions are no longer
vulnerable.

* Fix version specification

Co-authored-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
 2021-04-16 13:27:30 +02:00
github-actions[bot]
caa2ef87e9 Assigned RUSTSEC-2021-0053 to algorithmica (#874) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2021-04-15 10:46:46 -07:00
JOE1994
4b7ea77407 Report 0163-algorithmica to RustSec 2021-04-15 12:00:46 -04:00
Yechan Bae
ce4db769c2 Update CVE numbers (#870) 2021-04-13 14:10:09 -07:00
Alex Huszagh
65efff6ab5 Update advisory to indicate patched versions of stackvector. 2021-04-12 22:59:53 -05:00
Ken Reed
abdfc42fea Added patch to "fix" vulnerability. (#866) 
* patch note

* added patch version
 2021-04-06 06:43:11 -07:00
Shnatsel
113188c623 Assigned RUSTSEC-2021-0051 to outer_cgi, RUSTSEC-2021-0052 to id-map 2021-04-02 08:19:57 +00:00
Sergey "Shnatsel" Davidoff
21e46e9a65 Merge pull request #863 from ammaraskar/id-map 
Add advisory for double-free issues in id-map
 2021-04-02 10:19:13 +02:00
Ammar Askar
1f8dfd9503 Add advisory for uninitialized exposure in outer_cgi 2021-03-31 08:17:57 -07:00
Ammar Askar
f35600e723 Add advisory for double-free issues in id-map 2021-03-31 08:06:30 -07:00
Shnatsel
1f9f3620e0 Assigned RUSTSEC-2021-0050 to reorder 2021-03-31 11:30:04 +00:00
Sergey "Shnatsel" Davidoff
09466c5095 Merge pull request #860 from ammaraskar/reorder 
Add advisory for out-of-bounds write and uninitialized memory exposure in reorder
 2021-03-31 13:29:33 +02:00
Ammar Askar
7b3ef9f3a5 Add advisory for out-of-bounds write and uninitialized memory exposure in reorder 2021-03-30 23:44:20 -07:00
Kyle Schaffrick
66a13ee850 max7301: Mark RUSTSEC-2020-0152 as patched. (#859) 2021-03-30 17:58:17 -04:00
Shnatsel
b4a8916121 Assigned RUSTSEC-2020-0152 to max7301 2021-03-30 17:53:01 +00:00
Sergey "Shnatsel" Davidoff
c0257cfb24 Merge pull request #857 from ammaraskar/max7301 
Add advisory for data race in max7301
 2021-03-30 19:46:11 +02:00
Ammar Askar
834ec15bd5 Add advisory for data race in max7301 2021-03-30 09:51:34 -07:00
alex
80ff151a86 Assigned RUSTSEC-2020-0151 to generator 2021-03-30 15:09:14 +00:00
Ammar Askar
39b2617fc7 Add advisory for data race in generator (#855) 2021-03-30 11:08:34 -04:00
Shnatsel
d262067f8a Assigned RUSTSEC-2020-0150 to disrustor 2021-03-30 02:47:43 +00:00
Sergey "Shnatsel" Davidoff
74f5452824 Merge pull request #849 from ammaraskar/disrustor 
Report aliasing violation and data race in disrustor
 2021-03-30 04:47:20 +02:00
Shnatsel
2127468042 Assigned RUSTSEC-2020-0149 to appendix, RUSTSEC-2021-0049 to through 2021-03-30 02:24:36 +00:00