Vulnerabilities

search
ID
Packages
Summary
Published
arrow_upward
Attributes
GHSA-54m3-5fxr-2f3j
  • crates.io/salvo
 Salvo is vulnerable to stored XSS in the list_html function by uploading files with malicious names 7 hours ago
  • Fix available
  • Severity - 8.8 (High)
GHSA-rhfx-m35p-ff5j
  • crates.io/lru
 `IterMut` violates Stacked Borrows by invalidating internal pointer yesterday
  • Fix available
  • Severity - 2.7 (Low)
GHSA-gw2x-q739-qhcr
  • crates.io/rustfs
 RustFS gRPC GetMetrics deserialization panic enables remote DoS yesterday
  • Fix available
  • Severity - 5.5 (Medium)
GHSA-pq29-69jg-9mxc
  • crates.io/rustfs
 RustFS Path Traversal Vulnerability yesterday
  • Fix available
  • Severity - 8.8 (High)
RUSTSEC-2026-0002
  • crates.io/lru
 `IterMut` violates Stacked Borrows by invalidating internal pointer yesterday
  • Fix available
GHSA-9c48-w39g-hm26
  • crates.io/rsa
 rsa crate has potential panic on a prime being equal to 1 2 days ago
  • Fix available
  • Severity - 2.7 (Low)
GHSA-6mw6-mj76-grwc
  • crates.io/gix-date
 gix-date can create non-utf8 string with `TimeBuf::as_str` 3 days ago
  • Fix available
  • Severity - 5.5 (Medium)
RUSTSEC-2026-0001
  • crates.io/rkyv
 Potential Undefined Behaviors in `Arc<T>`/`Rc<T>` impls of `from_value` on OOM 3 days ago
  • Fix available
GHSA-95qg-89c2-w5hj
  • crates.io/theshit
 theshit vulnerable to unsafe loading of user-owned Python rules when running as root 30 Dec 2025
  • Fix available
  • Severity - 7.3 (High)
GHSA-h956-rh7x-ppgj
  • crates.io/rustfs
 RustFS has a gRPC Hardcoded Token Authentication Bypass 30 Dec 2025
  • Fix available
  • Severity - 9.8 (Critical)
RUSTSEC-2025-0139
  • crates.io/theshit
 theshit vulnerable to unsafe loading of user-owned Python rules when running as root 30 Dec 2025
  • Fix available
  • Severity - 7.3 (High)
RUSTSEC-2025-0140
  • crates.io/gix-date
 Non-utf8 String can be created with `TimeBuf::as_str` 29 Dec 2025
  • Fix available
GHSA-9fjq-45qv-pcm7
  • crates.io/ruint
 ruint affected by unsoundness of safe `reciprocal_mg10` 26 Dec 2025
  • No fix available
  • Severity - 6.6 (Medium)
RUSTSEC-2025-0137
  • crates.io/ruint
 Unsoundness of safe `reciprocal_mg10` 22 Dec 2025
  • Fix available
RUSTSEC-2025-0141
  • crates.io/bincode
 Bincode is unmaintained 16 Dec 2025
  • No fix available
GHSA-v6x3-9r38-r27q
  • crates.io/sequoia-openpgp
 Sequoia PGP has Subtraction Overflow when aes_key_unwrap function is provided ciphertext that is too short 14 Dec 2025
  • Fix available
  • Severity - 5.3 (Medium)
Load more...