more simplification #529
This check has been archived and is scheduled for deletion.
Learn more about checks retention
GitHub Actions / Security audit
failed
Oct 23, 2023 in 0s
Security advisories found
1 advisories, 1 unmaintained
Details
Vulnerabilities
RUSTSEC-2023-0052
webpki: CPU denial of service in certificate path building
| Details | |
|---|---|
| Package | webpki |
| Version | 0.21.4 |
| Date | 2023-08-22 |
| Patched versions | >=0.22.2 |
When this crate is given a pathological certificate chain to validate, it will
spend CPU time exponential with the number of candidate certificates at each
step of path building.
Both TLS clients and TLS servers that accept client certificate are affected.
This was previously reported in
<briansmith/webpki#69> and re-reported recently
by Luke Malinowski.
webpki 0.22.1 included a partial fix and webpki 0.22.2 added further fixes.
Warnings
RUSTSEC-2023-0049
tuiis unmaintained; useratatuiinstead
| Details | |
|---|---|
| Status | unmaintained |
| Package | tui |
| Version | 0.16.0 |
| URL | fdehau/tui-rs#654 |
| Date | 2023-08-07 |
The tui crate is no longer maintained.
Consider using the ratatui crate instead.
Loading