OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2025-12-29 15:56:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,224 Commits 1 Branch 0 Tags
e4cc2dfc24cd24d3285dfd24e02ecabede54025b
Commit Graph

747 Commits

Author SHA1 Message Date
Sergey "Shnatsel" Davidoff
e4cc2dfc24 Merge pull request #801 from ammaraskar/rulinalg 
Add unmaintained advisory for rulinalg crate
 2021-03-04 14:57:11 +01:00
github-actions[bot]
e93938cb63 Assigned RUSTSEC-2021-0035 to quinn (#805) 
Co-authored-by: alex <alex@users.noreply.github.com>
 2021-03-04 08:01:02 -05:00
Dirkjan Ochtman
a0ec5819c8 Add advisory for invalid layout assumptions in quinn (#804) 2021-03-04 07:59:10 -05:00
Shnatsel
240080a19e Assigned RUSTSEC-2021-0034 to office 2021-03-03 18:06:07 +00:00
Sergey "Shnatsel" Davidoff
d489c26624 Merge pull request #802 from ammaraskar/office 
Add unmaintained advisory for office crate. Fixes #742
 2021-03-03 18:29:24 +01:00
Ammar Askar
25e792c03f Add unmaintained advisory for office crate. Fixes #742 2021-03-03 07:42:08 -08:00
Ammar Askar
aced392fca Add unmaintained advisory for rulinalg crate 2021-03-03 07:36:23 -08:00
Shnatsel
2e968911c5 Assigned RUSTSEC-2021-0033 to stack_dst 2021-03-03 14:39:29 +00:00
Sergey "Shnatsel" Davidoff
917ae7c2de Merge pull request #799 from ammaraskar/stack_dst 
[patched] Add advisory for double-free in stack_dst
 2021-03-03 15:38:51 +01:00
Ammar Askar
a0c9d676d4 Add advisory for double-free in stack_dst 2021-03-03 06:36:09 -08:00
Shnatsel
b8b93bd677 Assigned RUSTSEC-2021-0032 to byte_struct 2021-03-02 18:12:07 +00:00
Sergey "Shnatsel" Davidoff
10e79dbffe Merge pull request #796 from ammaraskar/byte_struct 
[patched] Add advisory for uninitialized memory drop in byte_struct
 2021-03-02 19:11:30 +01:00
Shnatsel
6dc263820d Assigned RUSTSEC-2021-0031 to nano_arena 2021-03-02 18:10:54 +00:00
Sergey "Shnatsel" Davidoff
160d5c7ec2 Merge pull request #795 from ammaraskar/nano_arena 
[patched] Add advisory for aliasing violation in nano_arena
 2021-03-02 19:09:27 +01:00
Ammar Askar
50db2cc7a3 Add advisory for aliasing violation in nano_arena 2021-03-02 10:07:44 -08:00
Ammar Askar
d9614925ce Add advisory for uninitialized memory drop in byte_struct 2021-03-02 10:04:50 -08:00
Sergey "Shnatsel" Davidoff
0133e8aca6 Merge pull request #792 from RustSec/revert-788-mark-generic-array-advisory-as-unsound 
Revert "Mark RUSTSEC-2020-0146 as unsound (#788)"
 2021-03-02 18:10:42 +01:00
Shnatsel
8887e3da3a Assigned RUSTSEC-2021-0030 to scratchpad 2021-03-02 17:01:31 +00:00
Sergey "Shnatsel" Davidoff
220fb9e194 Merge pull request #793 from ammaraskar/scratchpad 
[patched] Add advisory for double-free in scratchpad
 2021-03-02 18:00:53 +01:00
Ammar Askar
e59320ad70 Add advisory for double-free in scratchpad 2021-03-02 08:55:20 -08:00
Sergey "Shnatsel" Davidoff
927b303d20 Revert "Mark RUSTSEC-2020-0146 as unsound (#788)" 
This reverts commit 14e6efec55.
 2021-03-02 17:03:07 +01:00
Konrad Borowski
14e6efec55 Mark RUSTSEC-2020-0146 as unsound (#788) 2021-03-02 07:30:22 -08:00
Emil Fresk
196ad433d8 Heapless soundness fix since 0.6.1 (#791) 2021-03-02 07:12:22 -08:00
Sergey Potapov
1c7888e4ee Update RUSTSEC-2020-0146.md with list of patched versions (#789) 
* Update RUSTSEC-2020-0146.md with list of patched versions

* Update crates/generic-array/RUSTSEC-2020-0146.md

Co-authored-by: Alex Gaynor <alex.gaynor@gmail.com>
 2021-03-02 08:48:41 -05:00
Shnatsel
dafd2019df Assigned RUSTSEC-2021-0029 to truetype 2021-03-01 20:33:53 +00:00
Sergey "Shnatsel" Davidoff
b06be14404 Merge pull request #786 from ammaraskar/truetype 
[patched] Report uninitialized memory exposure in truetype
 2021-03-01 21:33:26 +01:00
Ammar Askar
b4afb832c4 Report uninitialized memory exposure in truetype 2021-03-01 11:54:59 -08:00
Shnatsel
f4e465c615 Assigned RUSTSEC-2021-0028 to toodee 2021-03-01 19:42:57 +00:00
Sergey "Shnatsel" Davidoff
d1853a7aeb Merge pull request #784 from ammaraskar/toodee 
[patched] Add advisory for memory safety issue in toodee's insert_row
 2021-03-01 20:42:30 +01:00
Ammar Askar
af1b1de41f Add advisory for memory safety issue in toodee's insert_row 2021-03-01 11:39:59 -08:00
Shnatsel
fae9025168 Assigned RUSTSEC-2021-0027 to bam 2021-03-01 19:16:34 +00:00
Ammar Askar
fe25ca02b8 Add advisory for out-of-bounds write in bam 2021-03-01 11:11:44 -08:00
Shnatsel
c71170c328 Assigned RUSTSEC-2020-0146 to generic-array 2021-03-01 14:06:15 +00:00
Konrad Borowski
eda0a2235a Add an advisory on lifetime extension in generic-array 2021-03-01 14:24:05 +01:00
Shnatsel
7c260c52d1 Assigned RUSTSEC-2020-0145 to heapless 2021-02-27 01:05:30 +00:00
Sergey "Shnatsel" Davidoff
9283d50ad0 heapless: fix year: 2020, not 2010 2021-02-27 02:05:08 +01:00
Sergey "Shnatsel" Davidoff
9c16fb05f7 Merge pull request #778 from jonasbb/heapless 
heapless: use-after-free when cloning partially consumed Iterator
 2021-02-27 02:03:32 +01:00
Jonas Bushart
12033122b3 heapless: use-after-free when cloning partially consumed Iterator 2021-02-26 23:55:46 +01:00
Yechan Bae
b724f12a5b Update CVE numbers (#777) 
* Update CVE numbers

* Fix RUSTSEC-2020-0093

* Add another alias for async-h1 crate
 2021-02-25 20:00:25 -05:00
Mikhail "L117" Nikolenko
5775f25882 Fixed memory corruption. (#776) 2021-02-22 08:21:17 -05:00
Shnatsel
a1aa21364f Assigned RUSTSEC-2021-0026 to comrak 2021-02-21 02:45:58 +00:00
Kohei Morita
3aada4c4d8 Add advisory on comrak XSS 
Signed-off-by: Kohei Morita <mrtc0@ssrf.in>
 2021-02-21 11:22:07 +09:00
Shnatsel
96b1688755 Assigned RUSTSEC-2021-0024 to safe-api, RUSTSEC-2021-0025 to jsonrpc-quic 2021-02-15 16:43:30 +00:00
Stephen Coyle
55026f94f3 Add unmaintained crate advisory for jsonrpc-quic 
Renamed to `qjsonrpc`.
 2021-02-15 16:19:30 +00:00
Stephen Coyle
c2e8d57fbd Add unmaintained crate advisory for safe-api 
Renamed to `sn_api`.
 2021-02-15 16:08:19 +00:00
github-actions[bot]
7c81bd4fc3 Assigned RUSTSEC-2021-0023 to rand_core (#771) 
Co-authored-by: tarcieri <tarcieri@users.noreply.github.com>
 2021-02-15 07:35:47 -08:00
Diggory Hardy
221ec336f9 rand_core: incorrect check on buffer length when seeding RNGs (#764) 2021-02-15 07:31:38 -08:00
Shnatsel
be43bc8c83 Assigned RUSTSEC-2021-0022 to yottadb 2021-02-15 01:03:11 +00:00
Sergey "Shnatsel" Davidoff
102fad06fd Merge pull request #769 from jyn514/ydbrust 
Add use-after-free advisory for `yottadb 1.1.0` and earlier
 2021-02-15 02:02:47 +01:00
Joshua Nelson
8b0681777f Add use-after-free advisory for yottadb 1.1.0 and earlier 
Note that this does not have an `informational = "unsound"` field
because the use-after-free can occur even with normal use of the
library, not with specially crafted or malicious usages.
 2021-02-14 19:56:22 -05:00