OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2026-01-03 18:15:23 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,833 Commits 1 Branch 0 Tags
f1e7c48600e0c5db93db26ff075af6d3eac77c8f
Commit Graph

1833 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
pinkforest(she/her)
f1e7c48600 Add wasmtime CVE-2022-39393 (#1509) 2023-01-12 14:12:31 +01:00
Alexis Mousset
4b4ba5b43b Update to rustsec-admin 0.8.5 (#1515) 2023-01-11 21:14:31 +01:00
pinkforest(she/her)
9e3a6922d5 Add License CC-BY 4.0 Import exemption (#1507) 2023-01-09 09:57:05 -07:00
github-actions[bot]
e1e7758c17 Assigned RUSTSEC-2023-0001 to tokio (#1511) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2023-01-09 15:15:04 +01:00
pinkforest(she/her)
7b0c697520 Add tokio CVE-2023-22466 (#1510) 
* Add tokio CVE-2023-22466

* Syntax

* Syntax

* Syntax
 2023-01-09 15:08:18 +01:00
github-actions[bot]
6d5b76eb3b Assigned RUSTSEC-2022-0074 to prettytable-rs (#1505) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-12-27 21:48:04 +11:00
davidyo
9db09cf3a8 Add unsound prettytable-rs (#1503) 
* Add unsound infoirmation to prettytable-rs

* Minor fix

Co-authored-by: pinkforest <36498018+pinkforest@users.noreply.github.com>
 2022-12-27 21:47:27 +11:00
github-actions[bot]
487a60b7a5 Assigned RUSTSEC-2022-0073 to alloc-cortex-m (#1502) 
Co-authored-by: alex <alex@users.noreply.github.com>
 2022-12-23 11:46:57 -05:00
Alex Martens
09ad54e872 Add unmaintained crate advisory for alloc-cortex-m (#1496) 
Has been renamed to `embedded-alloc`.
 2022-12-23 11:45:47 -05:00
Alex Gaynor
012643a050 update GHA syntax for deprecation (#1501) 
see https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
 2022-12-23 15:14:02 +01:00
github-actions[bot]
2b64ec8831 Assigned RUSTSEC-2022-0072 to hyper-staticfile (#1500) 
Co-authored-by: alex <alex@users.noreply.github.com>
 2022-12-23 08:57:25 -05:00
Stéphan Kochen
23543c1ad1 Add open redirect issue in hyper-staticfile (#1499) 2022-12-23 08:56:26 -05:00
github-actions[bot]
2addcf1133 Assigned RUSTSEC-2022-0071 to rusoto_credential (#1495) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-12-18 23:08:00 +11:00
iliana etaoin
7cf8350894 Add unmaintained rusoto_credential (#1494) 
Rusoto has been deprecated for a while; this is a more formalized notice
of such. `rusoto_credential` is the most fundamental crate in the tree.
 2022-12-18 23:05:06 +11:00
github-actions[bot]
0a2faeb871 Assigned RUSTSEC-2022-0070 to secp256k1 (#1481) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2022-12-07 23:29:52 +01:00
Martin Habovštiak
3be728db50 Add soundness bug in secp256k1 API (#1480) 
* Add soundness bug in `secp256k1` API

Summary: Unsound API in `secp256k1` allows use-after-free and invalid
deallocation from safe code. This was fixed and backported to multiple
versions.

* Set `date` to the date of the original disclosure

Co-authored-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
 2022-12-07 23:28:57 +01:00
github-actions[bot]
b80f8edaa7 Assigned RUSTSEC-2022-0069 to hyper-staticfile (#1478) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2022-11-30 23:21:18 +01:00
Stéphan Kochen
b899cefba0 Add hyper-staticfile file disclosure on Windows (#1475) 
* Add hyper-staticfile file disclosure on Windows

* Fix version specification

Co-authored-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
 2022-11-30 23:20:13 +01:00
github-actions[bot]
3ce39c743d Assigned RUSTSEC-2022-0068 to capnp (#1477) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2022-11-30 23:16:39 +01:00
David Renshaw
42b34df60b add capnp bug: CVE-2022-46149 (#1476) 
* add capnp bug: CVE-2022-46149

* change canonical URL, add references and aliases

Co-authored-by: Sergey "Shnatsel" Davidoff <shnatsel@gmail.com>
 2022-11-30 23:15:35 +01:00
Brandon Dyer
a66a3049c9 Patched slock (#1472) 2022-11-27 14:35:30 +01:00
github-actions[bot]
d339676e47 Assigned RUSTSEC-2021-0145 to atty (#1470) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-11-22 19:51:39 +11:00
niluxv
610c537916 Add atty potential unsoundness (unaligned read) advisory (#1462) 
Co-authored-by: pinkforest <36498018+pinkforest@users.noreply.github.com>
 2022-11-22 19:42:13 +11:00
Alexis Mousset
92a6db9442 Update to cargo-admin 0.8.4 (#1469) 2022-11-19 17:56:18 +01:00
github-actions[bot]
0608c47076 Assigned RUSTSEC-2022-0067 to lzf (#1466) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-11-07 16:39:46 +11:00
Jan-Erik Rediger
c7e3a0aadd Add lzf use-of-uninitialized-value advisory (#1465) 
Co-authored-by: pinkforest <36498018+pinkforest@users.noreply.github.com>
Co-authored-by: Ben Kimock <kimockb@gmail.com>
 2022-11-07 16:38:48 +11:00
Sergey "Shnatsel" Davidoff
e3e6897754 Update RUSTSEC-2019-0024.md (#1464) 2022-11-05 18:45:24 +01:00
Sergey "Shnatsel" Davidoff
513609341f Update CODE_OF_CONDUCT.md (#1463) 2022-11-05 01:23:27 +01:00
Sergey "Shnatsel" Davidoff
fba5b61dfc Bump rustsec-admin to 0.8.3 (#1460) 2022-11-03 22:16:21 +01:00
github-actions[bot]
ad63e1dd8b Assigned RUSTSEC-2022-0066 to conduit-hyper (#1458) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-11-03 09:38:38 +11:00
Josh Stone
ee46afab28 Add conduit-hyper CVE-2022-39294 (#1456) 2022-11-03 09:38:07 +11:00
github-actions[bot]
abbe27e129 Assigned RUSTSEC-2022-0065 to openssl-src (#1455) 
Co-authored-by: amousset <amousset@users.noreply.github.com>
 2022-11-01 18:11:10 +01:00
Alexis Mousset
abffa94fe3 CVE-2022-3786 in openssl (#1453) 2022-11-01 18:10:41 +01:00
github-actions[bot]
881dfb7ce4 Assigned RUSTSEC-2022-0064 to openssl-src (#1454) 
Co-authored-by: amousset <amousset@users.noreply.github.com>
 2022-11-01 13:10:23 -04:00
Alexis Mousset
678af8fd31 CVE-2022-3602 in openssl (#1452) 2022-11-01 18:09:50 +01:00
github-actions[bot]
9e50517457 Assigned RUSTSEC-2022-0063 to linked_list_allocator (#1449) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2022-10-30 16:54:13 +01:00
Alex Martens
6a06cf8571 Add CVE-2022-36086 for linked_list_allocator (#1448) 2022-10-30 16:53:16 +01:00
github-actions[bot]
fe7b79e8eb Assigned RUSTSEC-2022-0062 to matrix-sdk (#1445) 
Co-authored-by: amousset <amousset@users.noreply.github.com>
 2022-10-24 13:22:39 +02:00
Jonas Platte
e40084b1a7 Add advisory for logging of access tokens in matrix-sdk (#1444) 2022-10-24 13:21:43 +02:00
github-actions[bot]
6a422853c0 Assigned RUSTSEC-2022-0061 to parity-wasm (#1443) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-10-23 22:05:06 +11:00
Alexander Theißen
cdcbc33c58 Add unmaintained parity-wasm (#1441) 2022-10-23 22:04:08 +11:00
github-actions[bot]
1736a7bd7c Assigned RUSTSEC-2022-0060 to orbtk (#1440) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-10-19 12:14:12 +11:00
Nagy Tibor
6eb52ef209 Add unmaintained orbtk (#1436) 2022-10-19 12:13:22 +11:00
Raphael Taylor-Davies
59f63ab58c Update RUSTSEC-2021-0122 (#1439) 2022-10-18 23:36:54 +02:00
github-actions[bot]
2418d0b0db Assigned RUSTSEC-2022-0059 to openssl-src (#1434) 
Co-authored-by: Shnatsel <Shnatsel@users.noreply.github.com>
 2022-10-11 23:01:06 +02:00
Alexis Mousset
99a38655e4 Add CVE-2022-3358 for openssl-src (#1433) 2022-10-11 22:57:46 +02:00
github-actions[bot]
842d34ee7b Assigned RUSTSEC-2022-0058 to inconceivable (#1432) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-10-11 21:32:22 +11:00
Ralf Jung
2baed2be40 Add notice inconceivable (#1430) 2022-10-11 21:31:30 +11:00
github-actions[bot]
222ccf84ef Assigned RUSTSEC-2022-0057 to badge (#1431) 
Co-authored-by: pinkforest <pinkforest@users.noreply.github.com>
 2022-10-04 14:12:52 +02:00
Valentin Brandl
db48ddc2a3 Add unmaintained badge (#1428) 2022-10-04 18:46:03 +11:00