Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
cargo Security Advisories
Loading...
High
Ecosystems: cargo
Packages: self_cell
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 6 months ago
GSA_kwCzR0hTQS00OG02LXdtNXAtcnI2aM4AA3Hq
Insufficient covariance check makes self_cell unsoundEcosystems: cargo
Packages: self_cell
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 6 months ago
Moderate
Ecosystems: cargo
Packages: rustc-serialize
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0yMjI2LTR2M2MtY2ZmOM4AArs2
Stack overflow in rustc_serialize when parsing deeply nested JSONEcosystems: cargo
Packages: rustc-serialize
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: cargo
Packages: arrow2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01ajh3LXI3ZzgtNTQ3Ms4AArq3
Arrow2 allows double free in `safe` codeEcosystems: cargo
Packages: arrow2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: cargo
Packages: secp256k1
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS05Njl3LXE3NHEtOWo4ds4AAwNT
Unsound API in `secp256k1` allows use-after-free and invalid deallocation from safe codeEcosystems: cargo
Packages: secp256k1
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Low
Ecosystems: cargo
Packages: buffered-reader
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 months ago
GSA_kwCzR0hTQS0yOW1mLTYyeHgtMjhqcc4AAzpN
buffered-reader vulnerable to out-of-bounds array access leading to panicEcosystems: cargo
Packages: buffered-reader
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 months ago
Moderate
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS05bWZjLWNod2YtN3doZs4AAvq9
ckb: Large dep group requires a lot of resources to process but the cost to commit the transaction is very low.Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
Ecosystems: cargo
Packages: buffoon
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1obXg5LWptM3YtMzNods4AArq7
InputStream::read_exact : `Read` on uninitialized buffer causes UBEcosystems: cargo
Packages: buffoon
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: cargo
Packages: bronzedb-protocol
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS01cGhjLTg0OWgtdmN4Z84AArq6
`Read` on uninitialized buffer can cause UB (impl of `ReadKVExt`)Ecosystems: cargo
Packages: bronzedb-protocol
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: cargo
Packages: cyfs-base
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
GSA_kwCzR0hTQS1nNzUzLWdocjctcTMzd84AAz_4
cyfs-base vulnerable to misaligned pointer dereference in `ChunkId::new`Ecosystems: cargo
Packages: cyfs-base
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
Moderate
Ecosystems: cargo
Packages: borsh
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1mang1LXFwZjQteGpmMs4AAy0U
Parsing borsh messages with ZST which are not-copy/clone is unsoundEcosystems: cargo
Packages: borsh
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Moderate
Ecosystems: cargo
Packages: openssl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
GSA_kwCzR0hTQS14Y2Y3LXJ2bWgtZzZxNM4AAz-d
`openssl` `X509VerifyParamRef::set_host` buffer over-readEcosystems: cargo
Packages: openssl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
Moderate
Ecosystems: cargo
Packages: memoffset
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
GSA_kwCzR0hTQS13Zmc0LTMyMmctOXZxds4AAz-b
memoffset allows reading uninitialized memoryEcosystems: cargo
Packages: memoffset
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
Moderate
Ecosystems: cargo
Packages: frontier
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1jamcyLTJmamctZnBoNM0jVQ
Integer underflow in FrontierEcosystems: cargo
Packages: frontier
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Low
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1wMmdtLWZmcjMtdzJ4d84AAxfS
Nervos CKB vulnerable to low-resource flood DDoS attacks through network messageEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
Ecosystems: cargo
Packages: openssl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS02aGNmLWc2Z3ItaGhjcs4AAyUJ
`openssl` `X509Extension::new` and `X509Extension::new_nid` null pointer dereferenceEcosystems: cargo
Packages: openssl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Moderate
Ecosystems: cargo
Packages: hyper-staticfile
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS03cDdjLXB2dngtMnZ4M84AAwJ3
hyper-staticfile's improper validation of Windows paths could lead to directory traversal attackEcosystems: cargo
Packages: hyper-staticfile
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: cargo
Packages: smallvec
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTY2cDUtajU1cC0zMnI5
smallvec creates uninitialized value of any typeEcosystems: cargo
Packages: smallvec
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
Ecosystems: cargo
Packages: rmpv
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1jcmYtN2hmOS1mNnE1
Unchecked vector pre-allocationEcosystems: cargo
Packages: rmpv
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Critical
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ1cDctYzk1OS1yZ2Nt
Process crashes when the cell used as DepGroup is not aliveEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: cargo
Packages: fake-static
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTh4dzgtbW1xdi1mcnFx
fake-static allows converting any reference into a `'static` referenceEcosystems: cargo
Packages: fake-static
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXY2NjYtNnc5Ny1wY3dt
Miner fails to get block template when a cell used as a cell dep has been destroyed.Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
High
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTQ4dnEtOGpxdi1nbTZm
Remote memory exhaustion in ckbEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: cargo
Packages: rust-i18n-support
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS1jOHYzLWpodjktNHBwY84AA4ow
Use-after-free when setting the localeEcosystems: cargo
Packages: rust-i18n-support
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Low
Ecosystems: cargo
Packages: ferris-says
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
GSA_kwCzR0hTQS12MzYzLXJyZjItNWZtas4AA4ig
ferris-says has undefined behavior when not using UTF-8Ecosystems: cargo
Packages: ferris-says
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 4 months ago
Moderate
Ecosystems: cargo
Packages: stb_image
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1wcGpyLTI2N2otNXA5eM4AAyMh
NULL pointer derefernce in `stb_image`Ecosystems: cargo
Packages: stb_image
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Moderate
Ecosystems: cargo
Packages: lmdb-rs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
GSA_kwCzR0hTQS1mOWc2LWZwODQtZnY5Ms4AA0zv
impl `FromMdbValue` for bool is unsoundEcosystems: cargo
Packages: lmdb-rs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
Low
Ecosystems: cargo
Packages: s2n-quic
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 6 months ago
GSA_kwCzR0hTQS00NzV2LXBxMmctZnA5Z84AA2_T
s2n-quic potential denial of service via crafted stream framesEcosystems: cargo
Packages: s2n-quic
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 6 months ago
Moderate
Ecosystems: cargo
Packages: inventory
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1naGM4LTVjZ20tNXJwZs4AA1zP
Inventory fails to prohibit standard library access prior to initialization of Rust standard library runtimeEcosystems: cargo
Packages: inventory
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
Low
Ecosystems: cargo
Packages: s2n-quic
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
GSA_kwCzR0hTQS1yZmhnLXJqZnAtOXE4cc4AA03d
Potential denial of service after connection migrationEcosystems: cargo
Packages: s2n-quic
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
Moderate
Ecosystems: cargo
Packages: openssl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS0zZ3hmLTlyNTgtMmdoZ84AAyUL
`openssl` `X509NameBuilder::build` returned object is not thread safeEcosystems: cargo
Packages: openssl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Moderate
Ecosystems: cargo
Packages: bingrep
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
GSA_kwCzR0hTQS1nbTY4LWczNDktZ3hnZ80luQ
Denial of service in bingrepEcosystems: cargo
Packages: bingrep
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 2 years ago
Moderate
Ecosystems: cargo
Packages: maligned
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS13bTh4LXBocDUtaHZxNs4AAx-c
Maligned causes incorrect deallocationEcosystems: cargo
Packages: maligned
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Low
Ecosystems: cargo
Packages: intaglio
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
GSA_kwCzR0hTQS1nY2g1LWh3cWYtbXhocM4AA069
Unsoundness in `intern` methods on `intaglio` symbol internersEcosystems: cargo
Packages: intaglio
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
Moderate
Ecosystems: cargo
Packages: ntru
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1mcTMzLXZtaHYtNDh4aM4AAyoP
ntru-rs has unsound FFI: Wrong API usage causes write past allocated areaEcosystems: cargo
Packages: ntru
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Moderate
Ecosystems: cargo
Packages: bottlerocket/update-operator
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1qNzl4LXZ2Z20tdzczd84AAxgK
bottlerocket dependency openssl provides streaming of ASN.1 data via a BIOEcosystems: cargo
Packages: bottlerocket/update-operator
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Low
Ecosystems: cargo
Packages: atty
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
GSA_kwCzR0hTQS1nOTh2LWh2M2YtaGNmcs4AA0KD
atty potential unaligned readEcosystems: cargo
Packages: atty
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 11 months ago
Moderate
Ecosystems: cargo
Packages: gix-transport
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1ycmp3LWo0bTItbWYzNM4AA2CW
gix-transport code execution vulnerabilityEcosystems: cargo
Packages: gix-transport
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
High
Ecosystems: cargo
Packages: acc_reader
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1odjl2LTd3M3Ytcmo2Zs4AArqv
`Read` on uninitialized buffer in `fill_buf()` and `read_up_to()`Ecosystems: cargo
Packages: acc_reader
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: cargo
Packages: arrow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1yN2NqLXdtd3YtaGZ3Nc4AArqz
`BinaryArray` does not perform bound checks on reading values and offsetsEcosystems: cargo
Packages: arrow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: cargo
Packages: arrow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1xZ3JwLThmM3YtcTg1cM4AArq2
`FixedSizeBinaryArray` does not perform bound checks on accessing values and offsetsEcosystems: cargo
Packages: arrow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: cargo
Packages: binjs_io
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1jNnB4LTRncnctaHJqcs4AArq4
'Read' on uninitialized memory may cause UBEcosystems: cargo
Packages: binjs_io
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: cargo
Packages: arrow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1oNTg4LTc2dmctcHJnas4AArq1
`DecimalArray` does not perform bound checks on accessing values and offsetsEcosystems: cargo
Packages: arrow
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: cargo
Packages: bite
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS03MnIyLXJnMjgtNDd2Oc4AArq5
`read` on uninitialized buffer may cause UB (bite::read::BiteReadExpandedExt::read_framed_max)Ecosystems: cargo
Packages: bite
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: cargo
Packages: crossbeam-channel
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05ZzU1LXBnNjItbThoaM4AArq-
Channel creates zero value of any typeEcosystems: cargo
Packages: crossbeam-channel
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: cargo
Packages: plutonium
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1nZmc5LXg2cHgtcjdncs4AArqp
Library exclusively intended to obfuscate code.Ecosystems: cargo
Packages: plutonium
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
High
Ecosystems: cargo
Packages: openssl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS05cXdnLWNyZzktbTJ2Y84AAyUK
`openssl` `SubjectAlternativeName` and `ExtendedKeyUsage::other` allow arbitrary file readEcosystems: cargo
Packages: openssl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Moderate
Ecosystems: cargo
Packages: async-nats
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1mNXY1LWNjcWMtNnczNs4AAyUF
async-nats vulnerable to TLS certificate common name validation bypassEcosystems: cargo
Packages: async-nats
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
High
Ecosystems: cargo
Packages: gfx-auxil
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0yOHA1LTdyZzQtOHY5Oc4AArrI
Reading on uninitialized buffer may cause UB ( `gfx_auxil::read_spirv()` )Ecosystems: cargo
Packages: gfx-auxil
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: cargo
Packages: openssl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 6 months ago
GSA_kwCzR0hTQS14cGhmLWN4OGgtN3E5Z84AA3Zx
`openssl` `X509StoreRef::objects` is unsoundEcosystems: cargo
Packages: openssl
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 6 months ago
Critical
Ecosystems: cargo
Packages: traitobject
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1wcDhyLXZ2MmotOWo1ds4AAu1P
traitobject is UnmaintainedEcosystems: cargo
Packages: traitobject
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: cargo
Packages: libpulse-binding
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLXdjeGMtamY2Yy04cng5
Uncaught Exception in libpulse-bindingEcosystems: cargo
Packages: libpulse-binding
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
High
Ecosystems: cargo
Packages: lru
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1xcW1jLWh3cXAtOGcyd84AArsp
Use after free in lru crateEcosystems: cargo
Packages: lru
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: cargo
Packages: libp2p-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS13YzM2LXhnY2Mtandwcs4AArrK
Failure to verify the public key of a `SignedEnvelope` against the `PeerId` in a `PeerRecord`Ecosystems: cargo
Packages: libp2p-core
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: cargo
Packages: raw-cpuid
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1qZjVoLWNmOTUtdzc1Oc4AArsy
Optional `Deserialize` implementations lacking validationEcosystems: cargo
Packages: raw-cpuid
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: cargo
Packages: metrics-util
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zaHhoLTdqeG0tNTl4NM4AArss
AtomicBucket<T> unconditionally implements Send/SyncEcosystems: cargo
Packages: metrics-util
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: cargo
Packages: nanorand
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1wNmdqLWdwYzgtZjh4d84AArst
Aliased mutable references from `tls_rand` & `TlsWyRand`Ecosystems: cargo
Packages: nanorand
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: cargo
Packages: messagepack-rs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1tMzI1LXJ4anYtcHdwaM4AArsq
Deserialization functions pass uninitialized memory to user-provided ReadEcosystems: cargo
Packages: messagepack-rs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: cargo
Packages: hyper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1mNjdtLTlqOTQtcXY5as4AArrJ
Parser creates invalid uninitialized valueEcosystems: cargo
Packages: hyper
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
Ecosystems: cargo
Packages: rust-crypto
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1qcDN3LTNxODgtMzRjZs4AArs0
Miscomputation when performing AES encryption in rust-cryptoEcosystems: cargo
Packages: rust-crypto
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: cargo
Packages: flumedb
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1wNTZwLWdxM2Ytd2hnOM4AArrH
`Read` on uninitialized buffer may cause UB ( `read_entry()` )Ecosystems: cargo
Packages: flumedb
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: cargo
Packages: csv-sniffer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1yNjdwLW03ZzktZ3h3Ns4AArrC
`Read` on uninitialized memory may cause UB (fn preamble_skipcount())Ecosystems: cargo
Packages: csv-sniffer
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: cargo
Packages: crossbeam
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS04Z2o4LWh2NzUtZ3A5NM4AArrA
`SegQueue` creates zero value of any typeEcosystems: cargo
Packages: crossbeam
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Low
Ecosystems: cargo
Packages: shamir
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05NzhqLTg4ZjMtcDVqM84AArs3
Threshold value is ignored (all shares are n=3)Ecosystems: cargo
Packages: shamir
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: cargo
Packages: vec-const
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1qbXd4LXIzZ3EtcXEzcM4AArs-
vec-const attempts to construct a Vec from a pointer to a const sliceEcosystems: cargo
Packages: vec-const
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: almost 2 years ago
Moderate
Ecosystems: cargo
Packages: crossbeam
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1yd2Y0LWd4NjItcnFmd84AArcp
`MsQueue` `push`/`pop` use the wrong orderingsEcosystems: cargo
Packages: crossbeam
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: cargo
Packages: dashmap
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1tcGc1LWZ2d3AtNDJtMs4AArrD
Unsoundness in `dashmap` referencesEcosystems: cargo
Packages: dashmap
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: cargo
Packages: ostree
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
GSA_kwCzR0hTQS14OTZnLTk1ZnEtNHh2NM4AA0xH
libostree vulnerable to denial of service attackEcosystems: cargo
Packages: ostree
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 10 months ago
Low
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1mamo0LTJxNzMtanZnY84AAxfR
Nervos CKB calculation of program load cycles may be missed when executing in resume modeEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
Moderate
Ecosystems: cargo
Packages: threadalone
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
GSA_kwCzR0hTQS13NTloLTM3OGYtMmZybc4AA4oR
Unsound sending of non-Send types across threads in threadaloneEcosystems: cargo
Packages: threadalone
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 4 months ago
Moderate
Ecosystems: cargo
Packages: trust-dns-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 months ago
GSA_kwCzR0hTQS01Zm05LWg3MjgtZndwas4AAzpS
trust-dns vulnerable to Remote Attackers causing Denial-of-Service (packet loops) with crafted DNS packetsEcosystems: cargo
Packages: trust-dns-server
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 12 months ago
Low
Ecosystems: cargo
Packages: cargo
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
GSA_kwCzR0hTQS13cnJqLWg1N3Itdng5cM4AA1fa
Malicious dependencies can inject arbitrary JavaScript into cargo-generated timing reportsEcosystems: cargo
Packages: cargo
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
Moderate
Ecosystems: cargo
Packages: elf_rs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS1nNnB3LTk5OXctajc1bc4AAxG5
ELF header parsing library doesn't check for valid offsetEcosystems: cargo
Packages: elf_rs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: cargo
Packages: enumflags2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS1xdmM0LTc4Z3ctcHY4cM4AAy8O
Adverserial use of `make_bitflags!` macro can cause undefined behaviorEcosystems: cargo
Packages: enumflags2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
High
Ecosystems: cargo
Packages: tower-http
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1xcnFxLTljNjMteGZyZ84AAt79
tower-http's improper validation of Windows paths could lead to directory traversal attackEcosystems: cargo
Packages: tower-http
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: cargo
Packages: partial_sort
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS01eDM2LTc1NjctM2N3Ns4AAx3a
partial_sort contains Out-of-bounds Read in release modeEcosystems: cargo
Packages: partial_sort
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
Low
Ecosystems: cargo
Packages: topgrade
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
GSA_kwCzR0hTQS1mMnd4LXhqZncteGp2Ns4AA0vw
topgrade Time-of-check Time-of-use (TOCTOU) Race Condition in remove_dir_allEcosystems: cargo
Packages: topgrade
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 10 months ago
Moderate
Ecosystems: cargo
Packages: array-macro
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS03djRqLTh3dnItdjU1cs4AArqy
`array!` macro is unsound when its length is impure constantEcosystems: cargo
Packages: array-macro
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: cargo
Packages: iana-time-zone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS0zZmc5LWhjcTUtdnhyY84AAuiw
iana-time-zone vulnerable to use after free in MacOS / iOS implementationEcosystems: cargo
Packages: iana-time-zone
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: cargo
Packages: lexical
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
GSA_kwCzR0hTQS1jMmhtLW1qeHYtODlyNM4AA1rG
Multiple soundness issues in lexicalEcosystems: cargo
Packages: lexical
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 9 months ago
Moderate
Ecosystems: cargo
Packages: cortex-m-rt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS14dzVqLWd2MmctbWptMs4AAxo-
Miscompilation in cortex-m-rt 0.7.1 and 0.7.2Ecosystems: cargo
Packages: cortex-m-rt
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: cargo
Packages: mz-avro
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
GSA_kwCzR0hTQS1qd2gyLXZycjktdmNwMs4AAuiu
mz-avro's incorrect use of `set_len` allows for un-initialized memoryEcosystems: cargo
Packages: mz-avro
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: over 1 year ago
High
Ecosystems: cargo
Packages: oqs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1oODY0LW04dm0tM3h2as4AAuFr
oqs's Post-Quantum Signature scheme Rainbow level I parametersets brokenEcosystems: cargo
Packages: oqs
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: cargo
Packages: tremor-script
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0zcHA0LTY0bXAtOWNnOc4AArs9
Memory Safety Issue when using `patch` or `merge` on `state` and assign the result back to `state`Ecosystems: cargo
Packages: tremor-script
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: cargo
Packages: users
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
GSA_kwCzR0hTQS1qY3I2LTRmcnEtOWdqas4AA1zQ
Users vulnerable to unaligned read of `*const *const c_char` pointerEcosystems: cargo
Packages: users
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 8 months ago
Moderate
Ecosystems: cargo
Packages: nats
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
GSA_kwCzR0hTQS13dmM0LWo3ZzUtNGY3Oc4AAyWJ
NATS TLS certificate common name validation bypassEcosystems: cargo
Packages: nats
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: about 1 year ago
High
Ecosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
GSA_kwCzR0hTQS1qMzVwLXEyNHItNTM2N80_ng
Dep Group Remote Memory Exhaustion (Denial of Service) in ckbEcosystems: cargo
Packages: ckb
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: about 2 years ago
Moderate
Ecosystems: cargo
Packages: temporary
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS0yanE5LTZ4eDctM2gyOc4AAt8C
`temporary` makes use of uninitialized memoryEcosystems: cargo
Packages: temporary
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Critical
Ecosystems: cargo
Packages: typemap
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS12ZnYzLTl3NnYtMjNqcM4AAu1Q
typemap is UnmaintainedEcosystems: cargo
Packages: typemap
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: cargo
Packages: molecule
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTgyaG0tdmg3Zy1ocmg5
Partial read is incorrect in moleculeEcosystems: cargo
Packages: molecule
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 2 years ago
Moderate
Ecosystems: cargo
Packages: owning_ref
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS05cXhoLTI1OHYtNjY2Y84AAt5y
owning_ref vulnerable to multiple soundness issuesEcosystems: cargo
Packages: owning_ref
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Low
Ecosystems: cargo
Packages: tokio
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS00cTgzLTdjcTQtcDZ3Z84AAxat
`tokio::io::ReadHalf<T>::unsplit` is UnsoundEcosystems: cargo
Packages: tokio
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
Moderate
Ecosystems: cargo
Packages: ammonia
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1wMmc5LTk0d2gtNjVjMs4AArqw
Space bug in `clean_text`Ecosystems: cargo
Packages: ammonia
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: cargo
Packages: abomonation
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1oZnhwLXA2OTUtNjI5eM4AArqu
abomonation transmutes &T to and from &[u8] without sufficient constraintsEcosystems: cargo
Packages: abomonation
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: cargo
Packages: warp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
GSA_kwCzR0hTQS04djRqLTdqZ2YtNXJnOc4AAxTg
Warp vulnerable to Path Traversal via Improper validation of Windows pathsEcosystems: cargo
Packages: warp
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: over 1 year ago
High
Ecosystems: cargo
Packages: ash
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1xajY5LWM4OXYtandxMs4AArq0
Reading on uninitialized memory may cause UB ( `util::read_spv()` )Ecosystems: cargo
Packages: ash
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: cargo
Packages: columnar
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1jeGNjLXE4MzktMmN3Oc4AArq9
columnar: `Read` on uninitialized buffer may cause UB (ColumnarReadExt::read_typed_vec())Ecosystems: cargo
Packages: columnar
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
High
Ecosystems: cargo
Packages: crypto2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
GSA_kwCzR0hTQS1wbWN2LW1nY2YtcnZ4Z84AArrB
Non-aligned u32 read in Chacha20 encryption and decryptionEcosystems: cargo
Packages: crypto2
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: almost 2 years ago
Moderate
Ecosystems: cargo
Packages: zerocopy
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
GSA_kwCzR0hTQS1yamhmLTRtaDgtOXhqcc4AA34F
Zerocopy: Some Ref methods are unsound with some type parametersEcosystems: cargo
Packages: zerocopy
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
Low
Ecosystems: cargo
Packages: rusty-paseto
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
GSA_kwCzR0hTQS1qNTdyLTRxdzYtNThyM84AA2-Z
rusty_paseto vulnerable to private key extraction due to ed25519-dalek dependencyEcosystems: cargo
Packages: rusty-paseto
Source: GitHub Advisory Database
Blast Radius: 1.0
Published: 7 months ago
High
Ecosystems: cargo
Packages: safe_pqc_kyber
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
GSA_kwCzR0hTQS1wNHY4LWpnY3YtOWc3Nc4AA4Lu
safe_pqc_kyber leaks parts of secret keysEcosystems: cargo
Packages: safe_pqc_kyber
Source: GitHub Advisory Database
Blast Radius: 0.0
Published: 5 months ago
Statistics
Advisories: 18,804
Packages: 8,399
Repositories: 425
Ecosystems: 12
Packages: 8,399
Repositories: 425
Ecosystems: 12
Filter by Severity
Filter by Ecosystem
Filter by Package
openssl-src
26
ckb
22
wasmtime
16
rusqlite
16
deno
12
surrealdb
8
libpulse-binding
7
hyper
7
openssl
7
Simple-Wayland-HotKey-Daemon
6
sized-chunks
6
smallvec
6
cranelift-codegen
6
frontier
5
messagepack-rs
5
cargo
5
bottlerocket/update-operator
5
xcb
5
lock_api
5
comrak
5
tauri
4
pleaser
4
actix-web
4
tokio
4
evm
4
apollo-router
4
tremor-script
4
raw-cpuid
4
deno_runtime
4
s2n-quic
3
fltk
3
solana_rbpf
3
arrow
3
crossbeam-channel
3
ursa
3
anoncreds-clsignatures
3
flatbuffers
3
routinator
3
crossbeam
3
grin
3
apache-avro
3
arr
3
ammonia
3
tough
3
h2
3
slice-deque
3
id-map
3
cgc
3
acc_reader
3
nanorand
3
quiche
3
tectonic_xdv
2
evm-core
2
matrix-sdk-crypto
2
zerocopy
2
russh
2
cache
2
crayon
2
Deno
2
vm-memory
2
multiqueue
2
libgit2-sys
2
rocket
2
reorder
2
futures-task
2
ordnung
2
coreos-installer
2
memoffset
2
simple-slab
2
pywasm3
2
wasm3
2
hyper-staticfile
2
bronzedb-protocol
2
buffoon
2
rulex
2
arti
2
tor-circmgr
2
ozone
2
spin
2
gix-transport
2
traitobject
2
csv-sniffer
2
opcua
2
image
2
ncurses
2
columnar
2
rand_core
2
toodee
2
slock
2
ash
2
futures-util
2
lru
2
libp2p-core
2
metrics-util
2
vec-const
2
pnet
2
libsecp256k1
2
generator
2
crypto2
2
actix-http
2
trust-dns-server
2
syncpool
2
stack_dst
2
sodiumoxide
2
lettre
2
tower-http
2
net2
2
svix
2
abomonation
2
nix
2
molecule
2
slack-morphism
2
abi_stable
2
derive-com-impl
2
parc
2
arenavec
2
async-h1
2
bumpalo
2
streebog
2
failure
2
sha2
2
rust-embed
2
rdiff
2
rsa
2
ticketed_lock
2
mopa
2
flumedb
2
http
2
binjs_io
2
bite
2
mio
2
gfx-auxil
2
ntpd
2
signal-simple
2
tiny_future
2
inventory
2
oqs
2
simple_asn1
2
tar
2
v9
2
array-macro
2
internment
2
sys-info
1
chacha20
1
asn1_der
1
mongodb
1
cbox
1
rio
1
obstack
1
pyo3
1
concread
1
thex
1
rusb
1
gfwx
1
hashconsing
1
basic_dsp_matrix
1
may_queue
1
va-ts
1
postscript
1
miow
1
through
1
adtensor
1
insert_many
1
rustix
1
scottqueue
1
toolshed
1
chunky
1
libp2p-deflate
1
partial_sort
1
prost-types
1
atty
1
rustls
1
truetype
1
nb-connect
1
quinn
1
ms3d
1
im
1
ws
1
regex
1
maligned
1
galois_2p8
1
bingrep
1
marc
1
biscuit-auth
1
alpm-rs
1
rosenpass
1
cosmwasm-std
1
com.clever-cloud:biscuit-java
1
zeroize_derive
1
libsbc
1
github.com/biscuit-auth/biscuit-go
1
zola
1
atomic-option
1
bcder
1
ferris-says
1
ostree
1
rust-i18n-support
1
bigint
1
aovec
1
serde_v8
1
Filter by Repository
https://github.com/nervosnetwork/ckb
22
https://github.com/bytecodealliance/wasmtime
17
https://github.com/rusqlite/rusqlite
16
https://github.com/denoland/deno
15
https://github.com/surrealdb/surrealdb
8
https://github.com/hyperium/hyper
8
https://github.com/crossbeam-rs/crossbeam
8
https://github.com/sfackler/rust-openssl
7
https://github.com/paritytech/frontier
6
https://github.com/tauri-apps/tauri
6
https://github.com/servo/rust-smallvec
6
https://github.com/waycrate/swhkd
6
https://github.com/actix/actix-web
6
https://github.com/jnqnfe/pulse-binding-rust
6
https://github.com/bodil/sized-chunks
6
https://github.com/otake84/messagepack-rs
5
https://github.com/rust-lang/cargo
5
https://github.com/bottlerocket-os/bottlerocket-update-operator
5
https://github.com/Amanieu/parking_lot
5
https://github.com/kivikakk/comrak
5
https://github.com/rust-blockchain/evm
4
https://github.com/tokio-rs/tokio
4
https://github.com/apollographql/router
4
https://github.com/rust-lang/futures-rs
4
https://github.com/gz/rust-cpuid
4
https://gitlab.com/edneville/please
4
https://github.com/RustCrypto/hashes
4
https://github.com/tremor-rs/tremor-runtime
4
https://github.com/paritytech/libsecp256k1
3
https://github.com/netvl/acc_reader
3
https://github.com/sjep/array
3
https://github.com/github/advisory-database
3
https://github.com/gnzlbg/slice_deque
3
https://github.com/google/flatbuffers
3
https://github.com/MoAlyousef/fltk-rs
3
https://github.com/actix/actix-net
3
https://github.com/playXE/cgc
3
https://github.com/Absolucy/nanorand-rs
3
https://github.com/cloudflare/quiche
3
https://github.com/hyperledger-archives/ursa
3
https://github.com/matrix-org/matrix-rust-sdk
3
https://github.com/libpnet/libpnet
3
https://github.com/rust-ammonia/ammonia
3
https://github.com/aws/s2n-quic
3
https://github.com/awslabs/tough
3
https://github.com/apache/arrow-rs
3
https://github.com/andrewhickman/id-map
3
https://github.com/mvdnes/spin-rs
2
https://github.com/nathansizemore/simple-slab
2
https://github.com/nats-io/nats.rs
2
https://github.com/mimblewimble/grin-security
2
https://github.com/rust-random/rand
2
https://github.com/metrics-rs/metrics
2
https://github.com/metaplex-foundation/metaplex-program-library
2
https://github.com/maciejhirsz/ordnung
2
https://github.com/locka99/opcua
2
https://github.com/rust-lang-nursery/failure
2
https://github.com/nervosnetwork/molecule
2
https://github.com/nix-rust/nix
2
https://github.com/NLnetLabs/routinator
2
https://github.com/open-quantum-safe/liboqs-rust
2
https://github.com/openssl/openssl
2
https://github.com/pendulum-project/ntpd-rs
2
https://github.com/purpleposeidon/v9
2
https://github.com/pyros2097/rust-embed
2
https://github.com/quinn-rs/quinn
2
https://github.com/reem/rust-traitobject
2
https://github.com/rodrimati1992/abi_stable_crates
2
https://github.com/rulex-rs/rulex
2
https://github.com/Eolu/vec-const
2
https://github.com/dyule/rdiff
2
https://github.com/dtolnay/inventory
2
https://github.com/droundy/internment
2
https://github.com/coreos/coreos-installer
2
https://github.com/Connicpu/com-impl
2
https://github.com/chris-morgan/mopa
2
https://github.com/Chopinsky/byte_buffer
2
https://github.com/carllerche/buffoon
2
https://github.com/bytecodealliance/lucet
2
https://github.com/Byron/gitoxide
2
https://github.com/BrokenLamp/slock-rs
2
https://github.com/bluejekyll/trust-dns
2
https://github.com/binast/binjs-ref
2
https://github.com/antonmarsden/toodee
2
https://github.com/alexcrichton/tar-rs
2
https://github.com/alexcrichton/openssl-src-rs
2
https://github.com/acw/simple_asn1
2
https://github.com/abdolence/slack-morphism-rust
2
https://github.com/3Hren/msgpack-rust
2
https://github.com/RustCrypto/RSA
2
https://github.com/lettre/lettre
2
https://github.com/kvark/ticketed_lock
2
https://github.com/krl/cache
2
https://github.com/KizzyCode/tiny_future
2
https://github.com/kitsuneninetails/signal-rust
2
https://github.com/jeromefroe/lru-rs
2
https://github.com/jeaye/ncurses-rs
2
https://github.com/jblondin/csv-sniffer
2
https://github.com/image-rs/image
2
https://github.com/ibabushkin/arenavec
2
https://github.com/hyyking/rustracts
2
https://github.com/http-rs/async-h1
2
https://github.com/hinaria/bite
2
https://github.com/Hexilee/BronzeDB
2
https://github.com/google/zerocopy
2
https://github.com/Gilnaa/memoffset
2
https://github.com/gfx-rs/gfx
2
https://github.com/frankmcsherry/columnar
2
https://github.com/SergioBenitez/Rocket
2
https://github.com/schets/multiqueue
2
https://github.com/tower-rs/tower-http
2
https://github.com/stephank/hyper-staticfile
2
https://github.com/shadowsocks/crypto2
2
https://github.com/wasm3/wasm3
2
https://github.com/Xudong-Huang/generator-rs
2
https://github.com/tokio-rs/mio
2
https://github.com/shawnscode/crayon
2
https://github.com/warp-tech/russh
2
https://github.com/sunrise-choir/flumedb-rs
2
https://github.com/svix/svix-webhooks
2
https://github.com/rust-vmm/vm-memory
2
https://github.com/solana-labs/rbpf
2
https://github.com/tectonic-typesetting/tectonic
2
https://github.com/fitzgen/bumpalo
2
https://github.com/thepowersgang/stack_dst-rs
2
https://github.com/tiby312/reorder
2
https://github.com/TimelyDataflow/abomonation
2
https://gitlab.com/sequoia-pgp/sequoia
2
https://github.com/vertexclique/lever
1
https://github.com/uutils/coreutils
1
https://github.com/dtolnay/serde-yaml
1
https://github.com/dtolnay/unsafe-libyaml
1
https://github.com/dylni/os_str_bytes
1
https://github.com/CosmWasm/serde-json-wasm
1
https://github.com/udoprog/unicycle
1
https://github.com/ebkalderon/renderdoc-rs
1
https://github.com/edarc/max7301
1
https://github.com/ejmahler/transpose
1
https://github.com/elrnv/dync
1
https://github.com/Enet4/bra-rs
1
https://github.com/uazu/qcell
1
https://github.com/eyre-rs/eyre
1
https://github.com/danburkert/prost
1
https://github.com/DaGenix/rust-crypto
1
https://github.com/dandavison/delta
1
https://github.com/crypto-com/sgx-vendor
1
https://github.com/vhbit/lmdb-rs
1
https://github.com/deprecrated/net2-rs
1
https://github.com/Devolutions/gfwx-rs
1
https://github.com/dfinity/candid
1
https://github.com/diesel-rs/diesel
1
https://github.com/crossbeam-rs/crossbeam-epoch
1
https://github.com/dimforge/nalgebra
1
https://github.com/video-audio/va-ts
1
https://github.com/cr0sh/threadalone
1
https://github.com/diwic/reffers-rs
1
https://github.com/djkoloski/rkyv
1
https://github.com/djsweet/galois_2p8
1
https://github.com/dnaq/sodiumoxide
1
https://github.com/gretchenfrage/through
1
https://github.com/tokio-rs/tls
1
https://github.com/tokio-rs/prost
1
https://github.com/housleyjk/ws-rs
1
https://github.com/hrektts/cdr-rs
1
https://github.com/tokio-rs/axum
1
https://github.com/hyperium/h2
1
https://github.com/hyperium/http
1
https://github.com/tmccombs/tls-listener
1
https://github.com/tjtelan/git-url-parse-rs
1
https://github.com/tiny-http/tiny-http
1
https://github.com/time-rs/time
1
https://github.com/icedland/iced
1
https://github.com/ihalila/pancurses
1
https://github.com/ImageOptim/mozjpeg-rust
1
https://github.com/informalsystems/tendermint-rs
1
https://github.com/iqlusioninc/crates
1
https://github.com/irsl/CVE-2020-1967
1
https://github.com/eza-community/eza
1
https://github.com/fadeevab/cocoon
1
https://github.com/fermyon/spin
1
https://github.com/FillZpp/sys-info-rs
1
https://github.com/firecracker-microvm/versionize
1
https://github.com/tylerhawkes/maligned
1
https://github.com/fizyk20/generic-array
1
https://github.com/tu6ge/oss-rs
1
https://github.com/FrinkGlobal/ntru-rs
1
https://github.com/getzola/zola
1
https://github.com/trillium-rs/trillium
1
https://github.com/topgrade-rs/topgrade
1
https://github.com/tomprogrammer/rust-ascii
1
https://github.com/google/brotli
1
https://github.com/TomBebbington/cbox-rs
1
https://github.com/google/rust-async-coap
1
https://github.com/tokio-rs/tracing
1
https://github.com/graphql-rust/juniper
1
https://github.com/Amanieu/thread_local-rs
1
https://github.com/Yoric/telemetry.rs
1
https://github.com/andrewhickman/ms3d
1
https://github.com/Xudong-Huang/rcu_cell
1