Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

843 advisories

Loading
Double free in crossbeam Critical
CVE-2018-20996 was published for crossbeam (Rust) Aug 25, 2021
Flaw in streaming state in orion High
CVE-2018-20999 was published for orion (Rust) Aug 25, 2021
Uncontrolled recursion in trust-dns-proto High
CVE-2018-20994 was published for trust-dns-proto (Rust) Aug 25, 2021
Uncontrolled recursion in rust-yaml High
CVE-2018-20993 was published for yaml-rust (Rust) Aug 25, 2021
Improper Certificate Validation in openssl High
CVE-2016-10931 was published for openssl (Rust) Aug 25, 2021
Source code is downloaded over cleartext HTTP in portaudio Moderate
CVE-2016-10933 was published for portaudio (Rust) Aug 25, 2021
HTTPS MitM vulnerability due to lack of hostname verification Moderate
CVE-2016-10932 was published for hyper (Rust) Aug 25, 2021
tdunlap607
Headers containing newline characters can split messages in hyper Moderate
CVE-2017-18587 was published for hyper (Rust) Aug 25, 2021
Improper Input Validation in cookie High
CVE-2017-18589 was published for cookie (Rust) Aug 25, 2021
Improper Certificate Validation in security-framework Moderate
CVE-2017-18588 was published for security-framework (Rust) Aug 25, 2021
Memory corruption slice-deque Critical
CVE-2018-20995 was published for slice-deque (Rust) Aug 25, 2021
Double free in smallvec Critical
CVE-2018-20991 was published for smallvec (Rust) Aug 25, 2021
Multiple memory safety issues in actix-web Moderate
GHSA-w65j-g6c7-g3m4 was published for actix-web (Rust) Aug 25, 2021
VecStorage Deserialize Allows Violation of Length Invariant Moderate
GHSA-h3mf-4fwp-59c7 was published for nalgebra (Rust) Aug 5, 2021 withdrawn
OS command injection in ripgrep Critical
CVE-2021-3013 was published for grep-cli (Rust) Aug 5, 2021
SMTP command injection in lettre Critical
CVE-2021-38189 was published for lettre (Rust) Jul 12, 2021
paolobarbolini
Integer Overflow in Chunked Transfer-Encoding Moderate
CVE-2021-32714 was published for hyper (Rust) Jul 12, 2021
mattiasgrenfeldt asta12
Lenient Parsing of Content-Length Header When Prefixed with Plus Sign Low
CVE-2021-32715 was published for hyper (Rust) Jul 12, 2021
mattiasgrenfeldt asta12
tdunlap607
ProTip! Advisories are also available from the GraphQL API