Crate:     chrono
Version:   0.4.19
Title:     Potential segfault in `localtime_r` invocations
Date:      2020-11-10
ID:        RUSTSEC-2020-0159
URL:       https://rustsec.org/advisories/RUSTSEC-2020-0159
Solution:  Upgrade to >=0.4.20
Dependency tree:
chrono 0.4.19
├── tera 1.15.0
│   └── tokei 12.1.2
│       └── cargo-crev 0.23.2
├── crev-wot 0.23.1
│   ├── crev-lib 0.23.1
│   │   └── cargo-crev 0.23.2
│   └── cargo-crev 0.23.2
├── crev-lib 0.23.1
├── crev-data 0.23.1
│   ├── crev-wot 0.23.1
│   ├── crev-lib 0.23.1
│   └── cargo-crev 0.23.2
├── crev-common 0.23.1
│   ├── crev-wot 0.23.1
│   ├── crev-lib 0.23.1
│   ├── crev-data 0.23.1
│   └── cargo-crev 0.23.2
├── crates_io_api 0.8.0
│   └── cargo-crev 0.23.2
├── chrono-tz 0.6.1
│   └── tera 1.15.0
└── cargo-crev 0.23.2

Crate:     curve25519-dalek
Version:   3.2.1
Title:     Timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub`
Date:      2024-06-18
ID:        RUSTSEC-2024-0344
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0344
Solution:  Upgrade to >=4.1.3
Dependency tree:
curve25519-dalek 3.2.1
└── ed25519-dalek 1.0.1
    └── crev-data 0.23.1
        ├── crev-wot 0.23.1
        │   ├── crev-lib 0.23.1
        │   │   └── cargo-crev 0.23.2
        │   └── cargo-crev 0.23.2
        ├── crev-lib 0.23.1
        └── cargo-crev 0.23.2

Crate:     ed25519-dalek
Version:   1.0.1
Title:     Double Public Key Signing Function Oracle Attack on `ed25519-dalek`
Date:      2022-06-11
ID:        RUSTSEC-2022-0093
URL:       https://rustsec.org/advisories/RUSTSEC-2022-0093
Solution:  Upgrade to >=2
Dependency tree:
ed25519-dalek 1.0.1
└── crev-data 0.23.1
    ├── crev-wot 0.23.1
    │   ├── crev-lib 0.23.1
    │   │   └── cargo-crev 0.23.2
    │   └── cargo-crev 0.23.2
    ├── crev-lib 0.23.1
    └── cargo-crev 0.23.2

Crate:     h2
Version:   0.3.13
Title:     Resource exhaustion vulnerability in h2 may lead to Denial of Service (DoS)
Date:      2024-01-17
ID:        RUSTSEC-2024-0003
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0003
Solution:  Upgrade to ^0.3.24 OR >=0.4.2
Dependency tree:
h2 0.3.13
├── reqwest 0.11.10
│   └── crates_io_api 0.8.0
│       └── cargo-crev 0.23.2
└── hyper 0.14.19
    ├── reqwest 0.11.10
    └── hyper-tls 0.5.0
        └── reqwest 0.11.10

Crate:     h2
Version:   0.3.13
Title:     Degradation of service in h2 servers with CONTINUATION Flood
Date:      2024-04-03
ID:        RUSTSEC-2024-0332
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0332
Solution:  Upgrade to ^0.3.26 OR >=0.4.4

Crate:     h2
Version:   0.3.13
Title:     Resource exhaustion vulnerability in h2 may lead to Denial of Service (DoS)
Date:      2023-04-14
ID:        RUSTSEC-2023-0034
URL:       https://rustsec.org/advisories/RUSTSEC-2023-0034
Solution:  Upgrade to >=0.3.17

Crate:     idna
Version:   0.2.3
Title:     `idna` accepts Punycode labels that do not produce any non-ASCII when decoded
Date:      2024-12-09
ID:        RUSTSEC-2024-0421
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0421
Solution:  Upgrade to >=1.0.0
Dependency tree:
idna 0.2.3
└── url 2.2.2
    ├── reqwest 0.11.10
    │   └── crates_io_api 0.8.0
    │       └── cargo-crev 0.23.2
    ├── git2-curl 0.15.0
    │   └── cargo 0.61.1
    │       └── cargo-crev 0.23.2
    ├── git2 0.14.2
    │   ├── git2-curl 0.15.0
    │   ├── crev-lib 0.23.1
    │   │   └── cargo-crev 0.23.2
    │   ├── cargo-crev 0.23.2
    │   └── cargo 0.61.1
    ├── crates_io_api 0.8.0
    ├── crates-io 0.34.0
    │   └── cargo 0.61.1
    ├── cargo-geiger-serde 0.2.2
    │   └── geiger 0.4.9
    │       └── cargo-crev 0.23.2
    └── cargo 0.61.1

Crate:     libgit2-sys
Version:   0.13.2+1.4.2
Title:     Memory corruption, denial of service, and arbitrary code execution in libgit2
Date:      2024-02-06
ID:        RUSTSEC-2024-0013
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0013
Severity:  8.6 (high)
Solution:  Upgrade to >=0.16.2
Dependency tree:
libgit2-sys 0.13.2+1.4.2
├── git2 0.14.2
│   ├── git2-curl 0.15.0
│   │   └── cargo 0.61.1
│   │       └── cargo-crev 0.23.2
│   ├── crev-lib 0.23.1
│   │   └── cargo-crev 0.23.2
│   ├── cargo-crev 0.23.2
│   └── cargo 0.61.1
└── cargo 0.61.1

Crate:     libgit2-sys
Version:   0.13.2+1.4.2
Title:     git2 does not verify SSH keys by default
Date:      2023-01-20
ID:        RUSTSEC-2023-0003
URL:       https://rustsec.org/advisories/RUSTSEC-2023-0003
Solution:  Upgrade to >=0.13.5, <0.14.0 OR >=0.14.2

Crate:     mio
Version:   0.8.3
Title:     Tokens for named pipes may be delivered after deregistration
Date:      2024-03-04
ID:        RUSTSEC-2024-0019
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0019
Solution:  Upgrade to >=0.8.11
Dependency tree:
mio 0.8.3
└── tokio 1.18.2
    ├── tokio-util 0.7.2
    │   └── h2 0.3.13
    │       ├── reqwest 0.11.10
    │       │   └── crates_io_api 0.8.0
    │       │       └── cargo-crev 0.23.2
    │       └── hyper 0.14.19
    │           ├── reqwest 0.11.10
    │           └── hyper-tls 0.5.0
    │               └── reqwest 0.11.10
    ├── tokio-native-tls 0.3.0
    │   ├── reqwest 0.11.10
    │   └── hyper-tls 0.5.0
    ├── reqwest 0.11.10
    ├── hyper-tls 0.5.0
    ├── hyper 0.14.19
    ├── h2 0.3.13
    └── crates_io_api 0.8.0

Crate:     openssl
Version:   0.10.40
Title:     `openssl` `X509NameBuilder::build` returned object is not thread safe
Date:      2023-03-24
ID:        RUSTSEC-2023-0022
URL:       https://rustsec.org/advisories/RUSTSEC-2023-0022
Solution:  Upgrade to >=0.10.48
Dependency tree:
openssl 0.10.40
├── native-tls 0.2.10
│   ├── tokio-native-tls 0.3.0
│   │   ├── reqwest 0.11.10
│   │   │   └── crates_io_api 0.8.0
│   │   │       └── cargo-crev 0.23.2
│   │   └── hyper-tls 0.5.0
│   │       └── reqwest 0.11.10
│   ├── reqwest 0.11.10
│   └── hyper-tls 0.5.0
└── crypto-hash 0.3.4
    └── cargo-util 0.1.2
        └── cargo 0.61.1
            └── cargo-crev 0.23.2

Crate:     openssl
Version:   0.10.40
Title:     `openssl` `SubjectAlternativeName` and `ExtendedKeyUsage::other` allow arbitrary file read
Date:      2023-03-24
ID:        RUSTSEC-2023-0023
URL:       https://rustsec.org/advisories/RUSTSEC-2023-0023
Solution:  Upgrade to >=0.10.48

Crate:     openssl
Version:   0.10.40
Title:     `openssl` `X509Extension::new` and `X509Extension::new_nid` null pointer dereference
Date:      2023-03-24
ID:        RUSTSEC-2023-0024
URL:       https://rustsec.org/advisories/RUSTSEC-2023-0024
Solution:  Upgrade to >=0.10.48

Crate:     openssl
Version:   0.10.40
Title:     `openssl` `X509VerifyParamRef::set_host` buffer over-read
Date:      2023-06-20
ID:        RUSTSEC-2023-0044
URL:       https://rustsec.org/advisories/RUSTSEC-2023-0044
Solution:  Upgrade to >=0.10.55

Crate:     openssl
Version:   0.10.40
Title:     `MemBio::get_buf` has undefined behavior with empty buffers
Date:      2024-07-21
ID:        RUSTSEC-2024-0357
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0357
Solution:  Upgrade to >=0.10.66

Crate:     openssl
Version:   0.10.40
Title:     ssl::select_next_proto use after free
Date:      2025-02-02
ID:        RUSTSEC-2025-0004
URL:       https://rustsec.org/advisories/RUSTSEC-2025-0004
Solution:  Upgrade to >=0.10.70

Crate:     openssl
Version:   0.10.40
Title:     Use-After-Free in `Md::fetch` and `Cipher::fetch`
Date:      2025-04-04
ID:        RUSTSEC-2025-0022
URL:       https://rustsec.org/advisories/RUSTSEC-2025-0022
Solution:  Upgrade to >=0.10.72

Crate:     openssl-src
Version:   111.20.0+1.1.1o
Title:     AES OCB fails to encrypt some bytes
Date:      2022-07-05
ID:        RUSTSEC-2022-0032
URL:       https://rustsec.org/advisories/RUSTSEC-2022-0032
Solution:  Upgrade to >=111.22, <300.0 OR >=300.0.9
Dependency tree:
openssl-src 111.20.0+1.1.1o
└── openssl-sys 0.9.73
    ├── openssl 0.10.40
    │   ├── native-tls 0.2.10
    │   │   ├── tokio-native-tls 0.3.0
    │   │   │   ├── reqwest 0.11.10
    │   │   │   │   └── crates_io_api 0.8.0
    │   │   │   │       └── cargo-crev 0.23.2
    │   │   │   └── hyper-tls 0.5.0
    │   │   │       └── reqwest 0.11.10
    │   │   ├── reqwest 0.11.10
    │   │   └── hyper-tls 0.5.0
    │   └── crypto-hash 0.3.4
    │       └── cargo-util 0.1.2
    │           └── cargo 0.61.1
    │               └── cargo-crev 0.23.2
    ├── native-tls 0.2.10
    ├── libssh2-sys 0.2.23
    │   └── libgit2-sys 0.13.2+1.4.2
    │       ├── git2 0.14.2
    │       │   ├── git2-curl 0.15.0
    │       │   │   └── cargo 0.61.1
    │       │   ├── crev-lib 0.23.1
    │       │   │   └── cargo-crev 0.23.2
    │       │   ├── cargo-crev 0.23.2
    │       │   └── cargo 0.61.1
    │       └── cargo 0.61.1
    ├── libgit2-sys 0.13.2+1.4.2
    ├── git2 0.14.2
    ├── curl-sys 0.4.55+curl-7.83.1
    │   ├── curl 0.4.43
    │   │   ├── git2-curl 0.15.0
    │   │   ├── crates-io 0.34.0
    │   │   │   └── cargo 0.61.1
    │   │   └── cargo 0.61.1
    │   └── cargo 0.61.1
    ├── curl 0.4.43
    └── cargo-crev 0.23.2

Crate:     openssl-src
Version:   111.20.0+1.1.1o
Title:     X.400 address type confusion in X.509 `GeneralName`
Date:      2023-02-07
ID:        RUSTSEC-2023-0006
URL:       https://rustsec.org/advisories/RUSTSEC-2023-0006
Solution:  Upgrade to >=111.25, <300.0 OR >=300.0.12

Crate:     openssl-src
Version:   111.20.0+1.1.1o
Title:     Timing Oracle in RSA Decryption
Date:      2023-02-07
ID:        RUSTSEC-2023-0007
URL:       https://rustsec.org/advisories/RUSTSEC-2023-0007
Solution:  Upgrade to >=111.25, <300.0 OR >=300.0.12

Crate:     openssl-src
Version:   111.20.0+1.1.1o
Title:     Use-after-free following `BIO_new_NDEF`
Date:      2023-02-07
ID:        RUSTSEC-2023-0009
URL:       https://rustsec.org/advisories/RUSTSEC-2023-0009
Solution:  Upgrade to >=111.25, <300.0 OR >=300.0.12

Crate:     openssl-src
Version:   111.20.0+1.1.1o
Title:     Double free after calling `PEM_read_bio_ex`
Date:      2023-02-07
ID:        RUSTSEC-2023-0010
URL:       https://rustsec.org/advisories/RUSTSEC-2023-0010
Solution:  Upgrade to >=111.25, <300.0 OR >=300.0.12

Crate:     remove_dir_all
Version:   0.5.3
Title:     Race Condition Enabling Link Following and Time-of-check Time-of-use (TOCTOU)
Date:      2023-02-24
ID:        RUSTSEC-2023-0018
URL:       https://rustsec.org/advisories/RUSTSEC-2023-0018
Solution:  Upgrade to >=0.8.0
Dependency tree:
remove_dir_all 0.5.3
└── tempfile 3.3.0
    ├── native-tls 0.2.10
    │   ├── tokio-native-tls 0.3.0
    │   │   ├── reqwest 0.11.10
    │   │   │   └── crates_io_api 0.8.0
    │   │   │       └── cargo-crev 0.23.2
    │   │   └── hyper-tls 0.5.0
    │   │       └── reqwest 0.11.10
    │   ├── reqwest 0.11.10
    │   └── hyper-tls 0.5.0
    ├── cargo-util 0.1.2
    │   └── cargo 0.61.1
    │       └── cargo-crev 0.23.2
    ├── cargo-crev 0.23.2
    └── cargo 0.61.1

Crate:     time
Version:   0.3.9
Title:     Denial of Service via Stack Exhaustion
Date:      2026-02-05
ID:        RUSTSEC-2026-0009
URL:       https://rustsec.org/advisories/RUSTSEC-2026-0009
Severity:  6.8 (medium)
Solution:  Upgrade to >=0.3.47
Dependency tree:
time 0.3.9
└── cargo-crev 0.23.2

Crate:     tokio
Version:   1.18.2
Title:     reject_remote_clients Configuration corruption
Date:      2023-01-04
ID:        RUSTSEC-2023-0001
URL:       https://rustsec.org/advisories/RUSTSEC-2023-0001
Solution:  Upgrade to >=1.18.4, <1.19.0 OR >=1.20.3, <1.21.0 OR >=1.23.1
Dependency tree:
tokio 1.18.2
├── tokio-util 0.7.2
│   └── h2 0.3.13
│       ├── reqwest 0.11.10
│       │   └── crates_io_api 0.8.0
│       │       └── cargo-crev 0.23.2
│       └── hyper 0.14.19
│           ├── reqwest 0.11.10
│           └── hyper-tls 0.5.0
│               └── reqwest 0.11.10
├── tokio-native-tls 0.3.0
│   ├── reqwest 0.11.10
│   └── hyper-tls 0.5.0
├── reqwest 0.11.10
├── hyper-tls 0.5.0
├── hyper 0.14.19
├── h2 0.3.13
└── crates_io_api 0.8.0

Crate:     adler
Version:   1.0.2
Warning:   unmaintained
Title:     adler crate is unmaintained, use adler2 instead
Date:      2025-09-05
ID:        RUSTSEC-2025-0056
URL:       https://rustsec.org/advisories/RUSTSEC-2025-0056
Dependency tree:
adler 1.0.2
└── miniz_oxide 0.5.1
    └── flate2 1.0.24
        └── cargo 0.61.1
            └── cargo-crev 0.23.2

Crate:     ansi_term
Version:   0.12.1
Warning:   unmaintained
Title:     ansi_term is Unmaintained
Date:      2021-08-18
ID:        RUSTSEC-2021-0139
URL:       https://rustsec.org/advisories/RUSTSEC-2021-0139
Dependency tree:
ansi_term 0.12.1
└── clap 2.34.0
    ├── tokei 12.1.2
    │   └── cargo-crev 0.23.2
    └── structopt 0.3.26
        └── cargo-crev 0.23.2

Crate:     atty
Version:   0.2.14
Warning:   unmaintained
Title:     `atty` is unmaintained
Date:      2024-09-25
ID:        RUSTSEC-2024-0375
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0375
Dependency tree:
atty 0.2.14
├── env_logger 0.9.0
│   ├── cargo-crev 0.23.2
│   └── cargo 0.61.1
│       └── cargo-crev 0.23.2
├── env_logger 0.8.4
│   └── tokei 12.1.2
│       └── cargo-crev 0.23.2
├── clap 3.1.18
│   └── cargo 0.61.1
├── clap 2.34.0
│   ├── tokei 12.1.2
│   └── structopt 0.3.26
│       └── cargo-crev 0.23.2
├── cargo-crev 0.23.2
└── cargo 0.61.1

Crate:     crypto-hash
Version:   0.3.4
Warning:   unmaintained
Title:     crypto-hash crate is unmaintained
Date:      2025-09-08
ID:        RUSTSEC-2025-0060
URL:       https://rustsec.org/advisories/RUSTSEC-2025-0060
Dependency tree:
crypto-hash 0.3.4
└── cargo-util 0.1.2
    └── cargo 0.61.1
        └── cargo-crev 0.23.2

Crate:     instant
Version:   0.1.12
Warning:   unmaintained
Title:     `instant` is unmaintained
Date:      2024-09-01
ID:        RUSTSEC-2024-0384
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0384
Dependency tree:
instant 0.1.12
├── parking_lot_core 0.8.5
│   └── parking_lot 0.11.2
│       └── tokei 12.1.2
│           └── cargo-crev 0.23.2
├── parking_lot 0.11.2
└── fastrand 1.7.0
    └── tempfile 3.3.0
        ├── native-tls 0.2.10
        │   ├── tokio-native-tls 0.3.0
        │   │   ├── reqwest 0.11.10
        │   │   │   └── crates_io_api 0.8.0
        │   │   │       └── cargo-crev 0.23.2
        │   │   └── hyper-tls 0.5.0
        │   │       └── reqwest 0.11.10
        │   ├── reqwest 0.11.10
        │   └── hyper-tls 0.5.0
        ├── cargo-util 0.1.2
        │   └── cargo 0.61.1
        │       └── cargo-crev 0.23.2
        ├── cargo-crev 0.23.2
        └── cargo 0.61.1

Crate:     proc-macro-error
Version:   1.0.4
Warning:   unmaintained
Title:     proc-macro-error is unmaintained
Date:      2024-09-01
ID:        RUSTSEC-2024-0370
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0370
Dependency tree:
proc-macro-error 1.0.4
└── structopt-derive 0.4.18
    └── structopt 0.3.26
        └── cargo-crev 0.23.2

Crate:     serde_cbor
Version:   0.11.2
Warning:   unmaintained
Title:     serde_cbor is unmaintained
Date:      2021-08-15
ID:        RUSTSEC-2021-0127
URL:       https://rustsec.org/advisories/RUSTSEC-2021-0127
Dependency tree:
serde_cbor 0.11.2
└── crev-lib 0.23.1
    └── cargo-crev 0.23.2

Crate:     term_size
Version:   0.3.2
Warning:   unmaintained
Title:     `term_size` is unmaintained; use `terminal_size` instead
Date:      2020-11-03
ID:        RUSTSEC-2020-0163
URL:       https://rustsec.org/advisories/RUSTSEC-2020-0163
Dependency tree:
term_size 0.3.2
└── tokei 12.1.2
    └── cargo-crev 0.23.2

Crate:     unic-char-property
Version:   0.9.0
Warning:   unmaintained
Title:     `unic-char-property` is unmaintained
Date:      2025-10-18
ID:        RUSTSEC-2025-0081
URL:       https://rustsec.org/advisories/RUSTSEC-2025-0081
Dependency tree:
unic-char-property 0.9.0
└── unic-ucd-segment 0.9.0
    └── unic-segment 0.9.0
        └── tera 1.15.0
            └── tokei 12.1.2
                └── cargo-crev 0.23.2

Crate:     unic-char-range
Version:   0.9.0
Warning:   unmaintained
Title:     `unic-char-range` is unmaintained
Date:      2025-10-18
ID:        RUSTSEC-2025-0075
URL:       https://rustsec.org/advisories/RUSTSEC-2025-0075
Dependency tree:
unic-char-range 0.9.0
├── unic-ucd-segment 0.9.0
│   └── unic-segment 0.9.0
│       └── tera 1.15.0
│           └── tokei 12.1.2
│               └── cargo-crev 0.23.2
└── unic-char-property 0.9.0
    └── unic-ucd-segment 0.9.0

Crate:     unic-common
Version:   0.9.0
Warning:   unmaintained
Title:     `unic-common` is unmaintained
Date:      2025-10-18
ID:        RUSTSEC-2025-0080
URL:       https://rustsec.org/advisories/RUSTSEC-2025-0080
Dependency tree:
unic-common 0.9.0
└── unic-ucd-version 0.9.0
    └── unic-ucd-segment 0.9.0
        └── unic-segment 0.9.0
            └── tera 1.15.0
                └── tokei 12.1.2
                    └── cargo-crev 0.23.2

Crate:     unic-segment
Version:   0.9.0
Warning:   unmaintained
Title:     `unic-segment` is unmaintained
Date:      2025-10-18
ID:        RUSTSEC-2025-0074
URL:       https://rustsec.org/advisories/RUSTSEC-2025-0074
Dependency tree:
unic-segment 0.9.0
└── tera 1.15.0
    └── tokei 12.1.2
        └── cargo-crev 0.23.2

Crate:     unic-ucd-segment
Version:   0.9.0
Warning:   unmaintained
Title:     `unic-ucd-segment` is unmaintained
Date:      2025-10-18
ID:        RUSTSEC-2025-0104
URL:       https://rustsec.org/advisories/RUSTSEC-2025-0104
Dependency tree:
unic-ucd-segment 0.9.0
└── unic-segment 0.9.0
    └── tera 1.15.0
        └── tokei 12.1.2
            └── cargo-crev 0.23.2

Crate:     unic-ucd-version
Version:   0.9.0
Warning:   unmaintained
Title:     `unic-ucd-version` is unmaintained
Date:      2025-10-18
ID:        RUSTSEC-2025-0098
URL:       https://rustsec.org/advisories/RUSTSEC-2025-0098
Dependency tree:
unic-ucd-version 0.9.0
└── unic-ucd-segment 0.9.0
    └── unic-segment 0.9.0
        └── tera 1.15.0
            └── tokei 12.1.2
                └── cargo-crev 0.23.2

Crate:     yaml-rust
Version:   0.4.5
Warning:   unmaintained
Title:     yaml-rust is unmaintained.
Date:      2024-03-20
ID:        RUSTSEC-2024-0320
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0320
Dependency tree:
yaml-rust 0.4.5
└── serde_yaml 0.8.24
    ├── crev-wot 0.23.1
    │   ├── crev-lib 0.23.1
    │   │   └── cargo-crev 0.23.2
    │   └── cargo-crev 0.23.2
    ├── crev-lib 0.23.1
    ├── crev-data 0.23.1
    │   ├── crev-wot 0.23.1
    │   ├── crev-lib 0.23.1
    │   └── cargo-crev 0.23.2
    ├── crev-common 0.23.1
    │   ├── crev-wot 0.23.1
    │   ├── crev-lib 0.23.1
    │   ├── crev-data 0.23.1
    │   └── cargo-crev 0.23.2
    └── cargo-crev 0.23.2

Crate:     atty
Version:   0.2.14
Warning:   unsound
Title:     Potential unaligned read
Date:      2021-07-04
ID:        RUSTSEC-2021-0145
URL:       https://rustsec.org/advisories/RUSTSEC-2021-0145

Crate:     bumpalo
Version:   3.9.1
Warning:   unsound
Title:     Use-after-free due to a lifetime error in `Vec::into_iter()`
Date:      2022-01-14
ID:        RUSTSEC-2022-0078
URL:       https://rustsec.org/advisories/RUSTSEC-2022-0078
Dependency tree:
bumpalo 3.9.1
└── wasm-bindgen-backend 0.2.80
    └── wasm-bindgen-macro-support 0.2.80
        └── wasm-bindgen-macro 0.2.80
            └── wasm-bindgen 0.2.80
                ├── web-sys 0.3.57
                │   ├── wasm-bindgen-futures 0.4.30
                │   │   └── reqwest 0.11.10
                │   │       └── crates_io_api 0.8.0
                │   │           └── cargo-crev 0.23.2
                │   └── reqwest 0.11.10
                ├── wasm-bindgen-futures 0.4.30
                ├── reqwest 0.11.10
                └── js-sys 0.3.57
                    ├── web-sys 0.3.57
                    ├── wasm-bindgen-futures 0.4.30
                    └── reqwest 0.11.10

Crate:     git2
Version:   0.14.2
Warning:   unsound
Title:     Potential undefined behavior when dereferencing Buf struct
Date:      2026-02-02
ID:        RUSTSEC-2026-0008
URL:       https://rustsec.org/advisories/RUSTSEC-2026-0008
Dependency tree:
git2 0.14.2
├── git2-curl 0.15.0
│   └── cargo 0.61.1
│       └── cargo-crev 0.23.2
├── crev-lib 0.23.1
│   └── cargo-crev 0.23.2
├── cargo-crev 0.23.2
└── cargo 0.61.1

Crate:     openssl
Version:   0.10.40
Warning:   unsound
Title:     `openssl` `X509StoreRef::objects` is unsound
Date:      2023-11-23
ID:        RUSTSEC-2023-0072
URL:       https://rustsec.org/advisories/RUSTSEC-2023-0072

Crate:     tokio
Version:   1.18.2
Warning:   unsound
Title:     `tokio::io::ReadHalf<T>::unsplit` is Unsound
Date:      2023-01-11
ID:        RUSTSEC-2023-0005
URL:       https://rustsec.org/advisories/RUSTSEC-2023-0005

Crate:     tokio
Version:   1.18.2
Warning:   unsound
Title:     Broadcast channel calls clone in parallel, but does not require `Sync`
Date:      2025-04-07
ID:        RUSTSEC-2025-0023
URL:       https://rustsec.org/advisories/RUSTSEC-2025-0023

