Vulnerabilities

ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-fqmf-w4xh-33rh
  • crates.io/gix-worktree-state
gix-worktree-state nonexclusive checkout sets executable files world-writable 2 days ago
  • Fix available
  • Severity - 5.0 (Medium)
RUSTSEC-2025-0001
  • crates.io/gix-worktree-state
gix-worktree-state nonexclusive checkout sets executable files world-writable 5 days ago
  • Fix available
  • Severity - 5.0 (Medium)
GHSA-c873-wfhp-wx5m
  • crates.io/sp1-stark
SP1 has missing verifier checks and fiat-shamir observations 15 Jan
  • Fix available
GHSA-g5x8-v2ch-gj2g
  • crates.io/vaultwarden
Vaultwarden HTML injection vulnerability 09 Jan
  • Fix available
  • Severity - 1.3 (Low)
GHSA-vprm-27pv-jp3w
  • crates.io/vaultwarden
Vaultwarden authenticated reflected cross-site scripting (XSS) vulnerability 09 Jan
  • Fix available
  • Severity - 1.1 (Low)
GHSA-x7m9-mv49-fv73
  • crates.io/vaultwarden
Vaultwarden vulnerable to user impersonation 09 Jan
  • Fix available
  • Severity - 7.7 (High)
GHSA-r5vf-wf4h-82gg
  • crates.io/matrix-sdk-crypto
matrix-sdk-crypto missing facility to signal rotation of a verified cryptographic identity 07 Jan
  • Fix available
  • Severity - 4.3 (Medium)
GHSA-f27p-cmv8-xhm6
  • crates.io/deno_fetch
  • crates.io/deno
fetch: Authorization headers not dropped when redirecting cross-origin 06 Jan
  • Fix available
  • Severity - 7.5 (High)
GHSA-gmx7-gr5q-85w5
  • crates.io/magic-crypt
magic-crypt uses insecure cryptographic algorithms 30 Dec 2024
  • No fix available
GHSA-gv7f-5qqh-vxfx
  • crates.io/xous
xous has unsound usages of `core::slice::from_raw_parts` 30 Dec 2024
  • Fix available
RUSTSEC-2024-0430
  • crates.io/magic-crypt
Use of insecure cryptographic algorithms 28 Dec 2024
  • No fix available
GHSA-hqmp-g7ph-x543
  • crates.io/quincy
TunnelVision - decloaking VPNs using DHCP 27 Dec 2024
  • No fix available
  • Severity - 5.3 (Medium)
GHSA-wrw7-89jp-8q8g
  • crates.io/glib
Unsoundness in `Iterator` and `DoubleEndedIterator` impls for `glib::VariantStrIter` 23 Dec 2024
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-h6xm-c6r4-vmwf
  • crates.io/spl-token-swap
Unsound usages of `u8` type casting in spl-token-swap 23 Dec 2024
  • No fix available
GHSA-f7qj-v3vp-4856
  • crates.io/libafl
libafl has unsound usages of `core::slice::from_raw_parts_mut` 23 Dec 2024
  • Fix available
  • Severity - 6.9 (Medium)
GHSA-3qx8-rv27-j6gp
  • crates.io/kvm-ioctls
Undefined behaviour in `kvm_ioctls::ioctls::vm::VmFd::create_device` 23 Dec 2024
  • Fix available