OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-01 17:20:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,337 Commits 1 Branch 0 Tags
ee38ef509c7be2a44587fbbacab3c7f8a1f6ecd0
Commit Graph

824 Commits

Author SHA1 Message Date
Alexis Mousset
ee38ef509c Add CVE-2021-3450 for openssl-src (#883) 2021-05-01 10:32:22 +02:00
github-actions[bot]
e4e343b7b0 Assigned RUSTSEC-2021-0055 to openssl-src (#884) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2021-05-01 10:32:12 +02:00
Alexis Mousset
43778319e4 Add CVE-2021-3449 for openssl-src (#882) 2021-05-01 10:30:25 +02:00
github-actions[bot]
db03320a5d Assigned RUSTSEC-2021-0054 to rkyv (#878) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2021-04-29 11:54:36 +02:00
David Koloski
7086fa22a3 Report rkyv vulnerability (issue rkyv#113) (#877) 
* Report rkyv vulnerability (issue rkyv#113)

* fix category

Co-authored-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
 2021-04-29 10:40:04 +02:00
Pablo Sichert
5b3dcb83b4 Yank advisories for once-again maintained dirs/directories crates (#876) 2021-04-19 09:31:05 -07:00
Richard Bradfield
60455ec8b1 Mark patched tiny-http version for 2020-0031 (#875) 
* Mark patched tiny-http version for 2020-0031

A backport of the fix for 2020-0031 has been applied to the 0.6.x
branch, starting at 0.6.3, subsequent 0.6 versions are no longer
vulnerable.

* Fix version specification

Co-authored-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
 2021-04-16 13:27:30 +02:00
github-actions[bot]
caa2ef87e9 Assigned RUSTSEC-2021-0053 to algorithmica (#874) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2021-04-15 10:46:46 -07:00
JOE1994
4b7ea77407 Report 0163-algorithmica to RustSec 2021-04-15 12:00:46 -04:00
Yechan Bae
ce4db769c2 Update CVE numbers (#870) 2021-04-13 14:10:09 -07:00
Alex Huszagh
65efff6ab5 Update advisory to indicate patched versions of stackvector. 2021-04-12 22:59:53 -05:00
Ken Reed
abdfc42fea Added patch to "fix" vulnerability. (#866) 
* patch note

* added patch version
 2021-04-06 06:43:11 -07:00
Shnatsel
113188c623 Assigned RUSTSEC-2021-0051 to outer_cgi, RUSTSEC-2021-0052 to id-map 2021-04-02 08:19:57 +00:00
Sergey "Shnatsel" Davidoff
21e46e9a65 Merge pull request #863 from ammaraskar/id-map 
Add advisory for double-free issues in id-map
 2021-04-02 10:19:13 +02:00
Ammar Askar
1f8dfd9503 Add advisory for uninitialized exposure in outer_cgi 2021-03-31 08:17:57 -07:00
Ammar Askar
f35600e723 Add advisory for double-free issues in id-map 2021-03-31 08:06:30 -07:00
Shnatsel
1f9f3620e0 Assigned RUSTSEC-2021-0050 to reorder 2021-03-31 11:30:04 +00:00
Sergey "Shnatsel" Davidoff
09466c5095 Merge pull request #860 from ammaraskar/reorder 
Add advisory for out-of-bounds write and uninitialized memory exposure in reorder
 2021-03-31 13:29:33 +02:00
Ammar Askar
7b3ef9f3a5 Add advisory for out-of-bounds write and uninitialized memory exposure in reorder 2021-03-30 23:44:20 -07:00
Kyle Schaffrick
66a13ee850 max7301: Mark RUSTSEC-2020-0152 as patched. (#859) 2021-03-30 17:58:17 -04:00
Shnatsel
b4a8916121 Assigned RUSTSEC-2020-0152 to max7301 2021-03-30 17:53:01 +00:00
Sergey "Shnatsel" Davidoff
c0257cfb24 Merge pull request #857 from ammaraskar/max7301 
Add advisory for data race in max7301
 2021-03-30 19:46:11 +02:00
Ammar Askar
834ec15bd5 Add advisory for data race in max7301 2021-03-30 09:51:34 -07:00
alex
80ff151a86 Assigned RUSTSEC-2020-0151 to generator 2021-03-30 15:09:14 +00:00
Ammar Askar
39b2617fc7 Add advisory for data race in generator (#855) 2021-03-30 11:08:34 -04:00
Shnatsel
d262067f8a Assigned RUSTSEC-2020-0150 to disrustor 2021-03-30 02:47:43 +00:00
Sergey "Shnatsel" Davidoff
74f5452824 Merge pull request #849 from ammaraskar/disrustor 
Report aliasing violation and data race in disrustor
 2021-03-30 04:47:20 +02:00
Shnatsel
2127468042 Assigned RUSTSEC-2020-0149 to appendix, RUSTSEC-2021-0049 to through 2021-03-30 02:24:36 +00:00
Sergey "Shnatsel" Davidoff
542f10cf16 Merge pull request #850 from ammaraskar/through 
Report double-free in through crate
 2021-03-30 04:23:56 +02:00
Sergey "Shnatsel" Davidoff
ce9e6f4187 Merge pull request #852 from RustSec/assign-ids 
Assigned RUSTSEC-2021-0048 to stackvector
 2021-03-30 04:23:13 +02:00
Sergey "Shnatsel" Davidoff
3e5e0df85c Merge pull request #848 from ammaraskar/appendix 
Report data race and memory safety issue in appendix
 2021-03-30 04:23:03 +02:00
Shnatsel
508a2af02c Assigned RUSTSEC-2021-0048 to stackvector 2021-03-30 02:22:34 +00:00
Sergey "Shnatsel" Davidoff
2b53054c5f Merge pull request #847 from ammaraskar/stackvector 
Report out-of-bounds write in stackvec
 2021-03-30 04:21:45 +02:00
Shnatsel
7eb0c5eb27 Assigned RUSTSEC-2021-0047 to slice-deque 2021-03-30 02:20:34 +00:00
Sergey "Shnatsel" Davidoff
e60d4aa2ad Merge pull request #846 from ammaraskar/slice-deque 
Report double-free in slice-deque
 2021-03-30 04:19:36 +02:00
Ammar Askar
7a48c26392 Report double-free in through crate 2021-03-29 13:10:43 -07:00
Ammar Askar
8923895323 Report aliasing violation and data race in disrustor 2021-03-29 12:31:24 -07:00
Ammar Askar
4b209813ab Report data race and memory safety issue in appendix 2021-03-29 11:15:24 -07:00
Ammar Askar
d93ffb22ef Report out-of-bounds write in stackvec 2021-03-29 09:47:23 -07:00
Ammar Askar
727cea2410 Report double-free in slice-deque 2021-03-29 08:57:15 -07:00
Alexis Mousset
b10d085c36 RUSTSEC-2021-0020 is fixed in hyper 0.12.36 too 
See https://github.com/hyperium/hyper/blob/0.12.x/CHANGELOG.md#v01236-2021-02-17

Fix was backported to 0.12.x in https://github.com/hyperium/hyper/pull/2436 and released in 0.12.36.
 2021-03-29 13:59:27 +02:00
Shnatsel
de97e74044 Assigned RUSTSEC-2021-0046 to telemetry 2021-03-29 06:55:04 +00:00
Sergey "Shnatsel" Davidoff
5f91ab66a3 Merge pull request #843 from ammaraskar/telemetry 
Report uninitialized memory drop on panic in telemetry
 2021-03-29 08:54:38 +02:00
Ammar Askar
e46aa5b08f Report uninitialized memory drop on panic in telemetry 2021-03-28 23:47:51 -07:00
Shnatsel
14cf0de07c Assigned RUSTSEC-2021-0045 to adtensor 2021-03-29 06:34:28 +00:00
Sergey "Shnatsel" Davidoff
6b8dc890ce Merge pull request #841 from ammaraskar/adtensor 
Report uninitialized memory drop in adtensor
 2021-03-29 08:33:49 +02:00
Ammar Askar
4418b8d1a3 Report uninitialized memory drop in adtensor 2021-03-28 23:32:12 -07:00
Shnatsel
36b0c9b40e Assigned RUSTSEC-2020-0148 to cgc 2021-03-26 19:11:23 +00:00
Ammar Askar
c8604c2616 Add advisory for multiple issues in cgc 2021-03-26 08:48:57 -07:00
github-actions[bot]
ca8a60b7be Assigned RUSTSEC-2021-0044 to rocket (#838) 
Co-authored-by: alex <alex@users.noreply.github.com>
 2021-03-26 10:23:59 -04:00