This project forked from diem/diem
Libra’s mission is to enable a simple global currency and financial infrastructure that empowers billions of people.
Home Page: https://libra.org
License: Apache License 2.0
![dependabot-preview[bot] avatar](https://avatars.githubusercontent.com/in/2141?v=4 "dependabot-preview[bot]")
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
Found CVE in container in job https://github.com/sausagee/libra/actions/runs/811871894
Found db-restore failure in job https://github.com/sausagee/libra/actions/runs/817805899
Found RUSTSEC in dependencies in job https://github.com/sausagee/libra/actions/runs/754508691
Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
Loaded 289 security advisories (from /opt/cargo/advisory-db)
Updating crates.io index
Scanning Cargo.lock for vulnerabilities (673 crate dependencies)
Crate: difference
Version: 2.0.0
Warning: unmaintained
Title: difference is unmaintained
Date: 2020-12-20
ID: RUSTSEC-2020-0095
URL: https://rustsec.org/advisories/RUSTSEC-2020-0095
Dependency tree:
difference 2.0.0
├── move-lang 0.0.1
│ ├── move-vm-runtime 0.1.0
│ │ ├── vm-genesis 0.1.0
│ │ │ ├── vm-validator 0.1.0
│ │ │ │ ├── diem-mempool 0.1.0
│ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ └── diem-fuzz 0.1.0
│ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ ├── generate-format 0.1.0
│ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ └── consensus 0.1.0
│ │ │ ├── state-sync 0.1.0
│ │ │ ├── move-cli 0.1.0
│ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ └── diem-writeset-generator 0.1.0
│ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ └── language-e2e-testsuite 0.1.0
│ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ ├── test-generation 0.1.0
│ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ │ │ └── ir-testsuite 0.1.0
│ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ ├── genesis-viewer 0.1.0
│ │ │ ├── functional-tests 0.1.0
│ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ ├── state-sync 0.1.0
│ │ │ │ ├── executor 0.1.0
│ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ └── consensus 0.1.0
│ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ ├── diem-swarm 0.1.0
│ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ ├── forge 0.0.0
│ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ ├── db-bootstrapper 0.1.0
│ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ ├── consensus 0.1.0
│ │ │ │ └── backup-cli 0.1.0
│ │ │ ├── executor 0.1.0
│ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ ├── diem-json-rpc 0.1.0
│ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ └── consensus 0.1.0
│ │ ├── test-generation 0.1.0
│ │ ├── resource-viewer 0.1.0
│ │ │ ├── move-cli 0.1.0
│ │ │ ├── genesis-viewer 0.1.0
│ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ └── cli 0.1.0
│ │ │ └── smoke-test 0.1.0
│ │ ├── move-vm-test-utils 0.1.0
│ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ └── diem-transaction-replay 0.1.0
│ │ ├── move-vm-integration-tests 0.1.0
│ │ ├── move-cli 0.1.0
│ │ ├── language-e2e-testsuite 0.1.0
│ │ ├── language-e2e-tests 0.1.0
│ │ ├── language-benchmarks 0.1.0
│ │ ├── diem-writeset-generator 0.1.0
│ │ ├── diem-vm 0.1.0
│ │ │ ├── vm-validator 0.1.0
│ │ │ ├── vm-genesis 0.1.0
│ │ │ ├── test-generation 0.1.0
│ │ │ ├── state-sync 0.1.0
│ │ │ ├── move-cli 0.1.0
│ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ ├── language-e2e-tests 0.1.0
│ │ │ ├── language-benchmarks 0.1.0
│ │ │ ├── functional-tests 0.1.0
│ │ │ ├── executor-test-helpers 0.1.0
│ │ │ ├── executor-benchmark 0.1.0
│ │ │ ├── executor 0.1.0
│ │ │ ├── execution-correctness 0.1.0
│ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ ├── diem-node 0.1.0
│ │ │ ├── diem-key-manager 0.1.0
│ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ ├── db-bootstrapper 0.1.0
│ │ │ ├── consensus 0.1.0
│ │ │ └── backup-cli 0.1.0
│ │ └── diem-transaction-replay 0.1.0
│ ├── move-vm-integration-tests 0.1.0
│ ├── move-prover 0.1.0
│ │ ├── prover-lab 0.1.0
│ │ ├── move-stdlib 0.1.0
│ │ │ ├── smoke-test 0.1.0
│ │ │ ├── move-lang 0.0.1
│ │ │ ├── language-benchmarks 0.1.0
│ │ │ └── diem-framework 0.1.0
│ │ │ ├── vm-genesis 0.1.0
│ │ │ ├── smoke-test 0.1.0
│ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ ├── move-lang 0.0.1
│ │ │ ├── move-cli 0.1.0
│ │ │ ├── functional-tests 0.1.0
│ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ └── cli 0.1.0
│ │ ├── errmapgen 0.1.0
│ │ │ ├── move-prover 0.1.0
│ │ │ ├── move-explain 0.1.0
│ │ │ │ └── diem-json-rpc 0.1.0
│ │ │ ├── move-cli 0.1.0
│ │ │ └── diem-framework 0.1.0
│ │ ├── docgen 0.1.0
│ │ │ ├── move-stdlib 0.1.0
│ │ │ ├── move-prover 0.1.0
│ │ │ └── diem-framework 0.1.0
│ │ ├── diem-framework 0.1.0
│ │ └── abigen 0.1.0
│ │ ├── move-prover 0.1.0
│ │ └── diem-framework 0.1.0
│ ├── move-model 0.1.0
│ │ ├── prover-lab 0.1.0
│ │ ├── move-prover 0.1.0
│ │ ├── errmapgen 0.1.0
│ │ ├── docgen 0.1.0
│ │ ├── bytecode 0.1.0
│ │ │ ├── prover-lab 0.1.0
│ │ │ ├── move-prover 0.1.0
│ │ │ ├── docgen 0.1.0
│ │ │ ├── boogie-backend-exp 0.1.0
│ │ │ │ └── move-prover 0.1.0
│ │ │ └── boogie-backend 0.1.0
│ │ │ ├── move-prover 0.1.0
│ │ │ └── boogie-backend-exp 0.1.0
│ │ ├── boogie-backend-exp 0.1.0
│ │ ├── boogie-backend 0.1.0
│ │ └── abigen 0.1.0
│ ├── move-lang-ir-utils 0.1.0
│ ├── move-lang-functional-tests 0.1.0
│ ├── move-cli 0.1.0
│ ├── language-benchmarks 0.1.0
│ ├── diem-writeset-generator 0.1.0
│ ├── diem-transaction-replay 0.1.0
│ └── diem-framework 0.1.0
├── move-cli 0.1.0
├── goldenfile 1.1.0
│ └── language-e2e-tests 0.1.0
├── functional-tests 0.1.0
├── diem-transaction-replay 0.1.0
└── colored-diff 0.2.2
└── x 0.1.0
Crate: dirs
Version: 1.0.5
Warning: unmaintained
Title: dirs is unmaintained, use dirs-next instead
Date: 2020-10-16
ID: RUSTSEC-2020-0053
URL: https://rustsec.org/advisories/RUSTSEC-2020-0053
Dependency tree:
dirs 1.0.5
└── term 0.5.2
└── prettytable-rs 0.8.0
└── prettydiff 0.4.0
└── move-prover-test-utils 0.1.0
├── prover-lab 0.1.0
├── move-prover 0.1.0
│ ├── prover-lab 0.1.0
│ ├── move-stdlib 0.1.0
│ │ ├── smoke-test 0.1.0
│ │ ├── move-lang 0.0.1
│ │ │ ├── move-vm-runtime 0.1.0
│ │ │ │ ├── vm-genesis 0.1.0
│ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ │ ├── diem-mempool 0.1.0
│ │ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ │ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ │ │ └── diem-fuzz 0.1.0
│ │ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ │ │ ├── generate-format 0.1.0
│ │ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ └── consensus 0.1.0
│ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ └── diem-writeset-generator 0.1.0
│ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ └── language-e2e-testsuite 0.1.0
│ │ │ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ │ │ ├── test-generation 0.1.0
│ │ │ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ │ │ │ │ └── ir-testsuite 0.1.0
│ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ ├── genesis-viewer 0.1.0
│ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ │ │ └── consensus 0.1.0
│ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ │ │ ├── diem-swarm 0.1.0
│ │ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ │ ├── forge 0.0.0
│ │ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ ├── db-bootstrapper 0.1.0
│ │ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ └── consensus 0.1.0
│ │ │ │ ├── test-generation 0.1.0
│ │ │ │ ├── resource-viewer 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ ├── genesis-viewer 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ └── cli 0.1.0
│ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ ├── move-vm-test-utils 0.1.0
│ │ │ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ │ ├── move-cli 0.1.0
│ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ ├── diem-vm 0.1.0
│ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ ├── vm-genesis 0.1.0
│ │ │ │ │ ├── test-generation 0.1.0
│ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ ├── db-bootstrapper 0.1.0
│ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ ├── move-prover 0.1.0
│ │ │ ├── move-model 0.1.0
│ │ │ │ ├── prover-lab 0.1.0
│ │ │ │ ├── move-prover 0.1.0
│ │ │ │ ├── errmapgen 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ ├── move-explain 0.1.0
│ │ │ │ │ │ └── diem-json-rpc 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ └── diem-framework 0.1.0
│ │ │ │ │ ├── vm-genesis 0.1.0
│ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ │ │ ├── move-lang 0.0.1
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ └── cli 0.1.0
│ │ │ │ ├── docgen 0.1.0
│ │ │ │ │ ├── move-stdlib 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ └── diem-framework 0.1.0
│ │ │ │ ├── bytecode 0.1.0
│ │ │ │ │ ├── prover-lab 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ ├── docgen 0.1.0
│ │ │ │ │ ├── boogie-backend-exp 0.1.0
│ │ │ │ │ │ └── move-prover 0.1.0
│ │ │ │ │ └── boogie-backend 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ └── boogie-backend-exp 0.1.0
│ │ │ │ ├── boogie-backend-exp 0.1.0
│ │ │ │ ├── boogie-backend 0.1.0
│ │ │ │ └── abigen 0.1.0
│ │ │ │ ├── move-prover 0.1.0
│ │ │ │ └── diem-framework 0.1.0
│ │ │ ├── move-lang-ir-utils 0.1.0
│ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ ├── move-cli 0.1.0
│ │ │ ├── language-benchmarks 0.1.0
│ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ └── diem-framework 0.1.0
│ │ ├── language-benchmarks 0.1.0
│ │ └── diem-framework 0.1.0
│ ├── errmapgen 0.1.0
│ ├── docgen 0.1.0
│ ├── diem-framework 0.1.0
│ └── abigen 0.1.0
├── move-model 0.1.0
├── docgen 0.1.0
├── bytecode 0.1.0
└── abigen 0.1.0
Crate: stdweb
Version: 0.4.20
Warning: unmaintained
Title: stdweb is unmaintained
Date: 2020-05-04
ID: RUSTSEC-2020-0056
URL: https://rustsec.org/advisories/RUSTSEC-2020-0056
Dependency tree:
stdweb 0.4.20
└── time 0.2.25
Crate: term
Version: 0.5.2
Warning: unmaintained
Title: term is looking for a new maintainer
Date: 2018-11-19
ID: RUSTSEC-2018-0015
URL: https://rustsec.org/advisories/RUSTSEC-2018-0015
Dependency tree:
term 0.5.2
└── prettytable-rs 0.8.0
└── prettydiff 0.4.0
└── move-prover-test-utils 0.1.0
├── prover-lab 0.1.0
├── move-prover 0.1.0
│ ├── prover-lab 0.1.0
│ ├── move-stdlib 0.1.0
│ │ ├── smoke-test 0.1.0
│ │ ├── move-lang 0.0.1
│ │ │ ├── move-vm-runtime 0.1.0
│ │ │ │ ├── vm-genesis 0.1.0
│ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ │ ├── diem-mempool 0.1.0
│ │ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ │ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ │ │ └── diem-fuzz 0.1.0
│ │ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ │ │ ├── generate-format 0.1.0
│ │ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ └── consensus 0.1.0
│ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ └── diem-writeset-generator 0.1.0
│ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ └── language-e2e-testsuite 0.1.0
│ │ │ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ │ │ ├── test-generation 0.1.0
│ │ │ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ │ │ │ │ └── ir-testsuite 0.1.0
│ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ ├── genesis-viewer 0.1.0
│ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ │ │ └── consensus 0.1.0
│ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ │ │ ├── diem-swarm 0.1.0
│ │ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ │ ├── forge 0.0.0
│ │ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ ├── db-bootstrapper 0.1.0
│ │ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ └── consensus 0.1.0
│ │ │ │ ├── test-generation 0.1.0
│ │ │ │ ├── resource-viewer 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ ├── genesis-viewer 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ └── cli 0.1.0
│ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ ├── move-vm-test-utils 0.1.0
│ │ │ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ │ ├── move-cli 0.1.0
│ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ ├── diem-vm 0.1.0
│ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ ├── vm-genesis 0.1.0
│ │ │ │ │ ├── test-generation 0.1.0
│ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ ├── db-bootstrapper 0.1.0
│ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ ├── move-prover 0.1.0
│ │ │ ├── move-model 0.1.0
│ │ │ │ ├── prover-lab 0.1.0
│ │ │ │ ├── move-prover 0.1.0
│ │ │ │ ├── errmapgen 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ ├── move-explain 0.1.0
│ │ │ │ │ │ └── diem-json-rpc 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ └── diem-framework 0.1.0
│ │ │ │ │ ├── vm-genesis 0.1.0
│ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ │ │ ├── move-lang 0.0.1
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ └── cli 0.1.0
│ │ │ │ ├── docgen 0.1.0
│ │ │ │ │ ├── move-stdlib 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ └── diem-framework 0.1.0
│ │ │ │ ├── bytecode 0.1.0
│ │ │ │ │ ├── prover-lab 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ ├── docgen 0.1.0
│ │ │ │ │ ├── boogie-backend-exp 0.1.0
│ │ │ │ │ │ └── move-prover 0.1.0
│ │ │ │ │ └── boogie-backend 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ └── boogie-backend-exp 0.1.0
│ │ │ │ ├── boogie-backend-exp 0.1.0
│ │ │ │ ├── boogie-backend 0.1.0
│ │ │ │ └── abigen 0.1.0
│ │ │ │ ├── move-prover 0.1.0
│ │ │ │ └── diem-framework 0.1.0
│ │ │ ├── move-lang-ir-utils 0.1.0
│ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ ├── move-cli 0.1.0
│ │ │ ├── language-benchmarks 0.1.0
│ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ └── diem-framework 0.1.0
│ │ ├── language-benchmarks 0.1.0
│ │ └── diem-framework 0.1.0
│ ├── errmapgen 0.1.0
│ ├── docgen 0.1.0
│ ├── diem-framework 0.1.0
│ └── abigen 0.1.0
├── move-model 0.1.0
├── docgen 0.1.0
├── bytecode 0.1.0
└── abigen 0.1.0
Crate: base64ct
Version: 0.2.1
Warning: yanked
Dependency tree:
base64ct 0.2.1
├── pbkdf2 0.7.3
│ └── diem-wallet 0.1.0
│ └── cli 0.1.0
│ └── smoke-test 0.1.0
└── password-hash 0.1.1
└── pbkdf2 0.7.3
Crate: password-hash
Version: 0.1.1
Warning: yanked
Dependency tree:
password-hash 0.1.1
└── pbkdf2 0.7.3
└── diem-wallet 0.1.0
└── cli 0.1.0
└── smoke-test 0.1.0
warning: 4 allowed warnings found
Found RUSTSEC in dependencies in job https://github.com/sausagee/libra/actions/runs/766045751
Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
Loaded 289 security advisories (from /Users/youngyl/.cargo/advisory-db)
Updating crates.io index
Scanning Cargo.lock for vulnerabilities (673 crate dependencies)
Crate: difference
Version: 2.0.0
Warning: unmaintained
Title: difference is unmaintained
Date: 2020-12-20
ID: RUSTSEC-2020-0095
URL: https://rustsec.org/advisories/RUSTSEC-2020-0095
Dependency tree:
difference 2.0.0
├── move-lang 0.0.1
│ ├── move-vm-runtime 0.1.0
│ │ ├── vm-genesis 0.1.0
│ │ │ ├── vm-validator 0.1.0
│ │ │ │ ├── diem-mempool 0.1.0
│ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ └── diem-fuzz 0.1.0
│ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ ├── generate-format 0.1.0
│ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ └── consensus 0.1.0
│ │ │ ├── state-sync 0.1.0
│ │ │ ├── move-cli 0.1.0
│ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ └── diem-writeset-generator 0.1.0
│ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ └── language-e2e-testsuite 0.1.0
│ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ ├── test-generation 0.1.0
│ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ │ │ └── ir-testsuite 0.1.0
│ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ ├── genesis-viewer 0.1.0
│ │ │ ├── functional-tests 0.1.0
│ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ ├── state-sync 0.1.0
│ │ │ │ ├── executor 0.1.0
│ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ └── consensus 0.1.0
│ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ ├── diem-swarm 0.1.0
│ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ ├── forge 0.0.0
│ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ ├── db-bootstrapper 0.1.0
│ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ ├── consensus 0.1.0
│ │ │ │ └── backup-cli 0.1.0
│ │ │ ├── executor 0.1.0
│ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ ├── diem-json-rpc 0.1.0
│ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ └── consensus 0.1.0
│ │ ├── test-generation 0.1.0
│ │ ├── resource-viewer 0.1.0
│ │ │ ├── move-cli 0.1.0
│ │ │ ├── genesis-viewer 0.1.0
│ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ └── cli 0.1.0
│ │ │ └── smoke-test 0.1.0
│ │ ├── move-vm-test-utils 0.1.0
│ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ └── diem-transaction-replay 0.1.0
│ │ ├── move-vm-integration-tests 0.1.0
│ │ ├── move-cli 0.1.0
│ │ ├── language-e2e-testsuite 0.1.0
│ │ ├── language-e2e-tests 0.1.0
│ │ ├── language-benchmarks 0.1.0
│ │ ├── diem-writeset-generator 0.1.0
│ │ ├── diem-vm 0.1.0
│ │ │ ├── vm-validator 0.1.0
│ │ │ ├── vm-genesis 0.1.0
│ │ │ ├── test-generation 0.1.0
│ │ │ ├── state-sync 0.1.0
│ │ │ ├── move-cli 0.1.0
│ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ ├── language-e2e-tests 0.1.0
│ │ │ ├── language-benchmarks 0.1.0
│ │ │ ├── functional-tests 0.1.0
│ │ │ ├── executor-test-helpers 0.1.0
│ │ │ ├── executor-benchmark 0.1.0
│ │ │ ├── executor 0.1.0
│ │ │ ├── execution-correctness 0.1.0
│ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ ├── diem-node 0.1.0
│ │ │ ├── diem-key-manager 0.1.0
│ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ ├── db-bootstrapper 0.1.0
│ │ │ ├── consensus 0.1.0
│ │ │ └── backup-cli 0.1.0
│ │ └── diem-transaction-replay 0.1.0
│ ├── move-vm-integration-tests 0.1.0
│ ├── move-prover 0.1.0
│ │ ├── prover-lab 0.1.0
│ │ ├── move-stdlib 0.1.0
│ │ │ ├── smoke-test 0.1.0
│ │ │ ├── move-lang 0.0.1
│ │ │ ├── language-benchmarks 0.1.0
│ │ │ └── diem-framework 0.1.0
│ │ │ ├── vm-genesis 0.1.0
│ │ │ ├── smoke-test 0.1.0
│ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ ├── move-lang 0.0.1
│ │ │ ├── move-cli 0.1.0
│ │ │ ├── functional-tests 0.1.0
│ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ └── cli 0.1.0
│ │ ├── errmapgen 0.1.0
│ │ │ ├── move-prover 0.1.0
│ │ │ ├── move-explain 0.1.0
│ │ │ │ └── diem-json-rpc 0.1.0
│ │ │ ├── move-cli 0.1.0
│ │ │ └── diem-framework 0.1.0
│ │ ├── docgen 0.1.0
│ │ │ ├── move-stdlib 0.1.0
│ │ │ ├── move-prover 0.1.0
│ │ │ └── diem-framework 0.1.0
│ │ ├── diem-framework 0.1.0
│ │ └── abigen 0.1.0
│ │ ├── move-prover 0.1.0
│ │ └── diem-framework 0.1.0
│ ├── move-model 0.1.0
│ │ ├── prover-lab 0.1.0
│ │ ├── move-prover 0.1.0
│ │ ├── errmapgen 0.1.0
│ │ ├── docgen 0.1.0
│ │ ├── bytecode 0.1.0
│ │ │ ├── prover-lab 0.1.0
│ │ │ ├── move-prover 0.1.0
│ │ │ ├── docgen 0.1.0
│ │ │ ├── boogie-backend-exp 0.1.0
│ │ │ │ └── move-prover 0.1.0
│ │ │ └── boogie-backend 0.1.0
│ │ │ ├── move-prover 0.1.0
│ │ │ └── boogie-backend-exp 0.1.0
│ │ ├── boogie-backend-exp 0.1.0
│ │ ├── boogie-backend 0.1.0
│ │ └── abigen 0.1.0
│ ├── move-lang-ir-utils 0.1.0
│ ├── move-lang-functional-tests 0.1.0
│ ├── move-cli 0.1.0
│ ├── language-benchmarks 0.1.0
│ ├── diem-writeset-generator 0.1.0
│ ├── diem-transaction-replay 0.1.0
│ └── diem-framework 0.1.0
├── move-cli 0.1.0
├── goldenfile 1.1.0
│ └── language-e2e-tests 0.1.0
├── functional-tests 0.1.0
├── diem-transaction-replay 0.1.0
└── colored-diff 0.2.2
└── x 0.1.0
Crate: stdweb
Version: 0.4.20
Warning: unmaintained
Title: stdweb is unmaintained
Date: 2020-05-04
ID: RUSTSEC-2020-0056
URL: https://rustsec.org/advisories/RUSTSEC-2020-0056
Dependency tree:
stdweb 0.4.20
└── time 0.2.25
Crate: term
Version: 0.5.2
Warning: unmaintained
Title: term is looking for a new maintainer
Date: 2018-11-19
ID: RUSTSEC-2018-0015
URL: https://rustsec.org/advisories/RUSTSEC-2018-0015
Dependency tree:
term 0.5.2
└── prettytable-rs 0.8.0
└── prettydiff 0.4.0
└── move-prover-test-utils 0.1.0
├── prover-lab 0.1.0
├── move-prover 0.1.0
│ ├── prover-lab 0.1.0
│ ├── move-stdlib 0.1.0
│ │ ├── smoke-test 0.1.0
│ │ ├── move-lang 0.0.1
│ │ │ ├── move-vm-runtime 0.1.0
│ │ │ │ ├── vm-genesis 0.1.0
│ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ │ ├── diem-mempool 0.1.0
│ │ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ │ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ │ │ └── diem-fuzz 0.1.0
│ │ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ │ │ ├── generate-format 0.1.0
│ │ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ └── consensus 0.1.0
│ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ └── diem-writeset-generator 0.1.0
│ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ └── language-e2e-testsuite 0.1.0
│ │ │ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ │ │ ├── test-generation 0.1.0
│ │ │ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ │ │ │ │ └── ir-testsuite 0.1.0
│ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ ├── genesis-viewer 0.1.0
│ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ │ │ └── consensus 0.1.0
│ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ │ │ ├── diem-swarm 0.1.0
│ │ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ │ ├── forge 0.0.0
│ │ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ ├── db-bootstrapper 0.1.0
│ │ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ └── consensus 0.1.0
│ │ │ │ ├── test-generation 0.1.0
│ │ │ │ ├── resource-viewer 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ ├── genesis-viewer 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ └── cli 0.1.0
│ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ ├── move-vm-test-utils 0.1.0
│ │ │ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ │ ├── move-cli 0.1.0
│ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ ├── diem-vm 0.1.0
│ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ ├── vm-genesis 0.1.0
│ │ │ │ │ ├── test-generation 0.1.0
│ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ ├── db-bootstrapper 0.1.0
│ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ ├── move-prover 0.1.0
│ │ │ ├── move-model 0.1.0
│ │ │ │ ├── prover-lab 0.1.0
│ │ │ │ ├── move-prover 0.1.0
│ │ │ │ ├── errmapgen 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ ├── move-explain 0.1.0
│ │ │ │ │ │ └── diem-json-rpc 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ └── diem-framework 0.1.0
│ │ │ │ │ ├── vm-genesis 0.1.0
│ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ │ │ ├── move-lang 0.0.1
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ └── cli 0.1.0
│ │ │ │ ├── docgen 0.1.0
│ │ │ │ │ ├── move-stdlib 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ └── diem-framework 0.1.0
│ │ │ │ ├── bytecode 0.1.0
│ │ │ │ │ ├── prover-lab 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ ├── docgen 0.1.0
│ │ │ │ │ ├── boogie-backend-exp 0.1.0
│ │ │ │ │ │ └── move-prover 0.1.0
│ │ │ │ │ └── boogie-backend 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ └── boogie-backend-exp 0.1.0
│ │ │ │ ├── boogie-backend-exp 0.1.0
│ │ │ │ ├── boogie-backend 0.1.0
│ │ │ │ └── abigen 0.1.0
│ │ │ │ ├── move-prover 0.1.0
│ │ │ │ └── diem-framework 0.1.0
│ │ │ ├── move-lang-ir-utils 0.1.0
│ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ ├── move-cli 0.1.0
│ │ │ ├── language-benchmarks 0.1.0
│ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ └── diem-framework 0.1.0
│ │ ├── language-benchmarks 0.1.0
│ │ └── diem-framework 0.1.0
│ ├── errmapgen 0.1.0
│ ├── docgen 0.1.0
│ ├── diem-framework 0.1.0
│ └── abigen 0.1.0
├── move-model 0.1.0
├── docgen 0.1.0
├── bytecode 0.1.0
└── abigen 0.1.0
Crate: base64ct
Version: 0.2.1
Warning: yanked
Dependency tree:
base64ct 0.2.1
├── pbkdf2 0.7.3
│ └── diem-wallet 0.1.0
│ └── cli 0.1.0
│ └── smoke-test 0.1.0
└── password-hash 0.1.1
└── pbkdf2 0.7.3
Crate: datatest-stable
Version: 0.1.0
Warning: yanked
Dependency tree:
datatest-stable 0.1.0
├── prover-lab 0.1.0
├── move-prover 0.1.0
│ ├── prover-lab 0.1.0
│ ├── move-stdlib 0.1.0
│ │ ├── smoke-test 0.1.0
│ │ ├── move-lang 0.0.1
│ │ │ ├── move-vm-runtime 0.1.0
│ │ │ │ ├── vm-genesis 0.1.0
│ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ │ ├── diem-mempool 0.1.0
│ │ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ │ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ │ │ └── diem-fuzz 0.1.0
│ │ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ │ │ ├── generate-format 0.1.0
│ │ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ └── consensus 0.1.0
│ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ └── diem-writeset-generator 0.1.0
│ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ └── language-e2e-testsuite 0.1.0
│ │ │ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ │ │ ├── test-generation 0.1.0
│ │ │ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ │ │ │ │ └── ir-testsuite 0.1.0
│ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ ├── genesis-viewer 0.1.0
│ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ │ │ └── consensus 0.1.0
│ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ │ │ ├── diem-swarm 0.1.0
│ │ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ │ ├── forge 0.0.0
│ │ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ ├── db-bootstrapper 0.1.0
│ │ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ └── consensus 0.1.0
│ │ │ │ ├── test-generation 0.1.0
│ │ │ │ ├── resource-viewer 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ ├── genesis-viewer 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ └── cli 0.1.0
│ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ ├── move-vm-test-utils 0.1.0
│ │ │ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ │ ├── move-cli 0.1.0
│ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ ├── diem-vm 0.1.0
│ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ ├── vm-genesis 0.1.0
│ │ │ │ │ ├── test-generation 0.1.0
│ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ ├── db-bootstrapper 0.1.0
│ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ ├── move-prover 0.1.0
│ │ │ ├── move-model 0.1.0
│ │ │ │ ├── prover-lab 0.1.0
│ │ │ │ ├── move-prover 0.1.0
│ │ │ │ ├── errmapgen 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ ├── move-explain 0.1.0
│ │ │ │ │ │ └── diem-json-rpc 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ └── diem-framework 0.1.0
│ │ │ │ │ ├── vm-genesis 0.1.0
│ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ │ │ ├── move-lang 0.0.1
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ └── cli 0.1.0
│ │ │ │ ├── docgen 0.1.0
│ │ │ │ │ ├── move-stdlib 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ └── diem-framework 0.1.0
│ │ │ │ ├── bytecode 0.1.0
│ │ │ │ │ ├── prover-lab 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ ├── docgen 0.1.0
│ │ │ │ │ ├── boogie-backend-exp 0.1.0
│ │ │ │ │ │ └── move-prover 0.1.0
│ │ │ │ │ └── boogie-backend 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ └── boogie-backend-exp 0.1.0
│ │ │ │ ├── boogie-backend-exp 0.1.0
│ │ │ │ ├── boogie-backend 0.1.0
│ │ │ │ └── abigen 0.1.0
│ │ │ │ ├── move-prover 0.1.0
│ │ │ │ └── diem-framework 0.1.0
│ │ │ ├── move-lang-ir-utils 0.1.0
│ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ ├── move-cli 0.1.0
│ │ │ ├── language-benchmarks 0.1.0
│ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ └── diem-framework 0.1.0
│ │ ├── language-benchmarks 0.1.0
│ │ └── diem-framework 0.1.0
│ ├── errmapgen 0.1.0
│ ├── docgen 0.1.0
│ ├── diem-framework 0.1.0
│ └── abigen 0.1.0
├── move-model 0.1.0
├── move-lang-test-utils 0.1.0
│ ├── move-lang-ir-utils 0.1.0
│ └── move-lang 0.0.1
├── move-lang-functional-tests 0.1.0
├── move-lang 0.0.1
├── move-cli 0.1.0
├── ir-testsuite 0.1.0
├── functional-tests 0.1.0
├── errmapgen 0.1.0
├── docgen 0.1.0
├── diem-fuzzer 0.1.0
├── diem-framework 0.1.0
├── bytecode 0.1.0
└── abigen 0.1.0
Crate: password-hash
Version: 0.1.1
Warning: yanked
Dependency tree:
password-hash 0.1.1
└── pbkdf2 0.7.3
└── diem-wallet 0.1.0
└── cli 0.1.0
└── smoke-test 0.1.0
warning: 3 allowed warnings found
RUSTSEC found
Found RUSTSEC in dependencies in job
Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
Updating crates.io index
Scanning Cargo.lock for vulnerabilities (479 crate dependencies)
Crate: actix-codec
Version: 0.4.0-beta.1
Title: Use-after-free in Framed due to lack of pinning
Date: 2020-01-30
ID: RUSTSEC-2020-0049
URL: https://rustsec.org/advisories/RUSTSEC-2020-0049
Solution: Upgrade to >=0.3.0-beta.1
Dependency tree:
actix-codec 0.4.0-beta.1
├── actix-web 4.0.0-beta.5
│ ├── aos 0.1.0
│ │ └── analytics 0.1.0
│ ├── analytics 0.1.0
│ └── actix-cors 0.6.0-beta.1
│ ├── aos 0.1.0
│ └── analytics 0.1.0
├── actix-tls 3.0.0-beta.5
│ └── actix-http 3.0.0-beta.5
│ └── actix-web 4.0.0-beta.5
└── actix-http 3.0.0-beta.5
Crate: actix-http
Version: 3.0.0-beta.5
Title: Use-after-free in BodyStream due to lack of pinning
Date: 2020-01-24
ID: RUSTSEC-2020-0048
URL: https://rustsec.org/advisories/RUSTSEC-2020-0048
Solution: Upgrade to >=2.0.0-alpha.1
Dependency tree:
actix-http 3.0.0-beta.5
└── actix-web 4.0.0-beta.5
├── aos 0.1.0
│ └── analytics 0.1.0
├── analytics 0.1.0
└── actix-cors 0.6.0-beta.1
├── aos 0.1.0
└── analytics 0.1.0
Crate: actix-web
Version: 4.0.0-beta.5
Title: Multiple memory safety issues
Date: 2018-06-08
ID: RUSTSEC-2018-0019
URL: https://rustsec.org/advisories/RUSTSEC-2018-0019
Solution: Upgrade to >=0.7.15
Dependency tree:
actix-web 4.0.0-beta.5
├── aos 0.1.0
│ └── analytics 0.1.0
├── analytics 0.1.0
└── actix-cors 0.6.0-beta.1
├── aos 0.1.0
└── analytics 0.1.0
Crate: diesel
Version: 1.4.5
Title: Fix a use-after-free bug in diesels Sqlite backend
Date: 2021-03-05
ID: RUSTSEC-2021-0037
URL: https://rustsec.org/advisories/RUSTSEC-2021-0037
Solution: Upgrade to >=1.4.6
Dependency tree:
diesel 1.4.5
├── migrations_internals 1.4.1
│ ├── migrations_macros 1.4.2
│ │ └── diesel_migrations 1.4.0
│ │ ├── aos 0.1.0
│ │ │ └── analytics 0.1.0
│ │ └── analytics 0.1.0
│ └── diesel_migrations 1.4.0
├── aos 0.1.0
└── analytics 0.1.0
Crate: generic-array
Version: 0.12.3
Title: arr! macro erases lifetimes
Date: 2020-04-09
ID: RUSTSEC-2020-0146
URL: https://rustsec.org/advisories/RUSTSEC-2020-0146
Solution: Upgrade to >=0.8.4, <0.9.0 OR >=0.9.1, <0.10.0 OR >=0.10.1, <0.11.0 OR >=0.11.2, <0.12.0 OR >=0.12.4, <0.13.0 OR >=0.13.3
Dependency tree:
generic-array 0.12.3
Crate: difference
Version: 2.0.0
Warning: unmaintained
Title: difference is unmaintained
Date: 2020-12-20
ID: RUSTSEC-2020-0095
URL: https://rustsec.org/advisories/RUSTSEC-2020-0095
Dependency tree:
difference 2.0.0
└── move-lang 0.0.1
├── move-prover 0.1.0
│ └── move-stdlib 0.1.0
│ └── aos 0.1.0
│ └── analytics 0.1.0
└── move-model 0.1.0
├── move-prover 0.1.0
├── errmapgen 0.1.0
│ └── move-prover 0.1.0
├── docgen 0.1.0
│ ├── move-stdlib 0.1.0
│ └── move-prover 0.1.0
├── bytecode 0.1.0
│ ├── move-prover 0.1.0
│ ├── docgen 0.1.0
│ ├── boogie-backend-v2 0.1.0
│ │ ├── move-prover 0.1.0
│ │ └── boogie-backend 0.1.0
│ │ └── move-prover 0.1.0
│ └── boogie-backend 0.1.0
├── boogie-backend-v2 0.1.0
├── boogie-backend 0.1.0
└── abigen 0.1.0
└── move-prover 0.1.0
Crate: dirs
Version: 1.0.5
Warning: unmaintained
Title: dirs is unmaintained, use dirs-next instead
Date: 2020-10-16
ID: RUSTSEC-2020-0053
URL: https://rustsec.org/advisories/RUSTSEC-2020-0053
Dependency tree:
dirs 1.0.5
└── term 0.5.2
└── prettytable-rs 0.8.0
└── aos 0.1.0
└── analytics 0.1.0
Crate: stdweb
Version: 0.4.20
Warning: unmaintained
Title: stdweb is unmaintained
Date: 2020-05-04
ID: RUSTSEC-2020-0056
URL: https://rustsec.org/advisories/RUSTSEC-2020-0056
Dependency tree:
stdweb 0.4.20
└── time 0.2.23
Crate: term
Version: 0.5.2
Warning: unmaintained
Title: term is looking for a new maintainer
Date: 2018-11-19
ID: RUSTSEC-2018-0015
URL: https://rustsec.org/advisories/RUSTSEC-2018-0015
Dependency tree:
term 0.5.2
└── prettytable-rs 0.8.0
└── aos 0.1.0
└── analytics 0.1.0
Crate: nb-connect
Version: 1.0.2
Warning: yanked
Dependency tree:
nb-connect 1.0.2
└── async-io 1.3.1
├── async-std 1.9.0
│ ├── scheduler 0.1.0
│ │ └── aos 0.1.0
│ │ └── analytics 0.1.0
│ ├── aos 0.1.0
│ └── analytics 0.1.0
└── async-global-executor 2.0.2
└── async-std 1.9.0
warning: 5 allowed warnings found
Found RUSTSEC in dependencies in job https://github.com/sausagee/libra/actions/runs/772450033
Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
Loaded 289 security advisories (from /opt/cargo/advisory-db)
Updating crates.io index
Scanning Cargo.lock for vulnerabilities (673 crate dependencies)
Crate: difference
Version: 2.0.0
Warning: unmaintained
Title: difference is unmaintained
Date: 2020-12-20
ID: RUSTSEC-2020-0095
URL: https://rustsec.org/advisories/RUSTSEC-2020-0095
Dependency tree:
difference 2.0.0
├── move-lang 0.0.1
│ ├── move-vm-runtime 0.1.0
│ │ ├── vm-genesis 0.1.0
│ │ │ ├── vm-validator 0.1.0
│ │ │ │ ├── diem-mempool 0.1.0
│ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ └── diem-fuzz 0.1.0
│ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ ├── generate-format 0.1.0
│ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ └── consensus 0.1.0
│ │ │ ├── state-sync 0.1.0
│ │ │ ├── move-cli 0.1.0
│ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ └── diem-writeset-generator 0.1.0
│ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ └── language-e2e-testsuite 0.1.0
│ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ ├── test-generation 0.1.0
│ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ │ │ └── ir-testsuite 0.1.0
│ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ ├── genesis-viewer 0.1.0
│ │ │ ├── functional-tests 0.1.0
│ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ ├── state-sync 0.1.0
│ │ │ │ ├── executor 0.1.0
│ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ └── consensus 0.1.0
│ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ ├── diem-swarm 0.1.0
│ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ ├── forge 0.0.0
│ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ ├── db-bootstrapper 0.1.0
│ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ ├── consensus 0.1.0
│ │ │ │ └── backup-cli 0.1.0
│ │ │ ├── executor 0.1.0
│ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ ├── diem-json-rpc 0.1.0
│ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ └── consensus 0.1.0
│ │ ├── test-generation 0.1.0
│ │ ├── resource-viewer 0.1.0
│ │ │ ├── move-cli 0.1.0
│ │ │ ├── genesis-viewer 0.1.0
│ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ └── cli 0.1.0
│ │ │ └── smoke-test 0.1.0
│ │ ├── move-vm-test-utils 0.1.0
│ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ └── diem-transaction-replay 0.1.0
│ │ ├── move-vm-integration-tests 0.1.0
│ │ ├── move-cli 0.1.0
│ │ ├── language-e2e-testsuite 0.1.0
│ │ ├── language-e2e-tests 0.1.0
│ │ ├── language-benchmarks 0.1.0
│ │ ├── diem-writeset-generator 0.1.0
│ │ ├── diem-vm 0.1.0
│ │ │ ├── vm-validator 0.1.0
│ │ │ ├── vm-genesis 0.1.0
│ │ │ ├── test-generation 0.1.0
│ │ │ ├── state-sync 0.1.0
│ │ │ ├── move-cli 0.1.0
│ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ ├── language-e2e-tests 0.1.0
│ │ │ ├── language-benchmarks 0.1.0
│ │ │ ├── functional-tests 0.1.0
│ │ │ ├── executor-test-helpers 0.1.0
│ │ │ ├── executor-benchmark 0.1.0
│ │ │ ├── executor 0.1.0
│ │ │ ├── execution-correctness 0.1.0
│ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ ├── diem-node 0.1.0
│ │ │ ├── diem-key-manager 0.1.0
│ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ ├── db-bootstrapper 0.1.0
│ │ │ ├── consensus 0.1.0
│ │ │ └── backup-cli 0.1.0
│ │ └── diem-transaction-replay 0.1.0
│ ├── move-vm-integration-tests 0.1.0
│ ├── move-prover 0.1.0
│ │ ├── prover-lab 0.1.0
│ │ ├── move-stdlib 0.1.0
│ │ │ ├── smoke-test 0.1.0
│ │ │ ├── move-lang 0.0.1
│ │ │ ├── language-benchmarks 0.1.0
│ │ │ └── diem-framework 0.1.0
│ │ │ ├── vm-genesis 0.1.0
│ │ │ ├── smoke-test 0.1.0
│ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ ├── move-lang 0.0.1
│ │ │ ├── move-cli 0.1.0
│ │ │ ├── functional-tests 0.1.0
│ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ └── cli 0.1.0
│ │ ├── errmapgen 0.1.0
│ │ │ ├── move-prover 0.1.0
│ │ │ ├── move-explain 0.1.0
│ │ │ │ └── diem-json-rpc 0.1.0
│ │ │ ├── move-cli 0.1.0
│ │ │ └── diem-framework 0.1.0
│ │ ├── docgen 0.1.0
│ │ │ ├── move-stdlib 0.1.0
│ │ │ ├── move-prover 0.1.0
│ │ │ └── diem-framework 0.1.0
│ │ ├── diem-framework 0.1.0
│ │ └── abigen 0.1.0
│ │ ├── move-prover 0.1.0
│ │ └── diem-framework 0.1.0
│ ├── move-model 0.1.0
│ │ ├── prover-lab 0.1.0
│ │ ├── move-prover 0.1.0
│ │ ├── errmapgen 0.1.0
│ │ ├── docgen 0.1.0
│ │ ├── bytecode 0.1.0
│ │ │ ├── prover-lab 0.1.0
│ │ │ ├── move-prover 0.1.0
│ │ │ ├── docgen 0.1.0
│ │ │ ├── boogie-backend-exp 0.1.0
│ │ │ │ └── move-prover 0.1.0
│ │ │ └── boogie-backend 0.1.0
│ │ │ ├── move-prover 0.1.0
│ │ │ └── boogie-backend-exp 0.1.0
│ │ ├── boogie-backend-exp 0.1.0
│ │ ├── boogie-backend 0.1.0
│ │ └── abigen 0.1.0
│ ├── move-lang-ir-utils 0.1.0
│ ├── move-lang-functional-tests 0.1.0
│ ├── move-cli 0.1.0
│ ├── language-benchmarks 0.1.0
│ ├── diem-writeset-generator 0.1.0
│ ├── diem-transaction-replay 0.1.0
│ └── diem-framework 0.1.0
├── move-cli 0.1.0
├── goldenfile 1.1.0
│ └── language-e2e-tests 0.1.0
├── functional-tests 0.1.0
├── diem-transaction-replay 0.1.0
└── colored-diff 0.2.2
└── x 0.1.0
Crate: stdweb
Version: 0.4.20
Warning: unmaintained
Title: stdweb is unmaintained
Date: 2020-05-04
ID: RUSTSEC-2020-0056
URL: https://rustsec.org/advisories/RUSTSEC-2020-0056
Dependency tree:
stdweb 0.4.20
└── time 0.2.25
Crate: term
Version: 0.5.2
Warning: unmaintained
Title: term is looking for a new maintainer
Date: 2018-11-19
ID: RUSTSEC-2018-0015
URL: https://rustsec.org/advisories/RUSTSEC-2018-0015
Dependency tree:
term 0.5.2
└── prettytable-rs 0.8.0
└── prettydiff 0.4.0
└── move-prover-test-utils 0.1.0
├── prover-lab 0.1.0
├── move-prover 0.1.0
│ ├── prover-lab 0.1.0
│ ├── move-stdlib 0.1.0
│ │ ├── smoke-test 0.1.0
│ │ ├── move-lang 0.0.1
│ │ │ ├── move-vm-runtime 0.1.0
│ │ │ │ ├── vm-genesis 0.1.0
│ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ │ ├── diem-mempool 0.1.0
│ │ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ │ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ │ │ └── diem-fuzz 0.1.0
│ │ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ │ │ ├── generate-format 0.1.0
│ │ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ └── consensus 0.1.0
│ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ └── diem-writeset-generator 0.1.0
│ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ └── language-e2e-testsuite 0.1.0
│ │ │ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ │ │ ├── test-generation 0.1.0
│ │ │ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ │ │ │ │ └── ir-testsuite 0.1.0
│ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ ├── genesis-viewer 0.1.0
│ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ │ │ └── consensus 0.1.0
│ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ │ │ ├── diem-swarm 0.1.0
│ │ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ │ ├── forge 0.0.0
│ │ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ ├── db-bootstrapper 0.1.0
│ │ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ └── consensus 0.1.0
│ │ │ │ ├── test-generation 0.1.0
│ │ │ │ ├── resource-viewer 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ ├── genesis-viewer 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ └── cli 0.1.0
│ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ ├── move-vm-test-utils 0.1.0
│ │ │ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ │ ├── move-cli 0.1.0
│ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ ├── diem-vm 0.1.0
│ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ ├── vm-genesis 0.1.0
│ │ │ │ │ ├── test-generation 0.1.0
│ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ ├── db-bootstrapper 0.1.0
│ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ ├── move-prover 0.1.0
│ │ │ ├── move-model 0.1.0
│ │ │ │ ├── prover-lab 0.1.0
│ │ │ │ ├── move-prover 0.1.0
│ │ │ │ ├── errmapgen 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ ├── move-explain 0.1.0
│ │ │ │ │ │ └── diem-json-rpc 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ └── diem-framework 0.1.0
│ │ │ │ │ ├── vm-genesis 0.1.0
│ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ │ │ ├── move-lang 0.0.1
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ └── cli 0.1.0
│ │ │ │ ├── docgen 0.1.0
│ │ │ │ │ ├── move-stdlib 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ └── diem-framework 0.1.0
│ │ │ │ ├── bytecode 0.1.0
│ │ │ │ │ ├── prover-lab 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ ├── docgen 0.1.0
│ │ │ │ │ ├── boogie-backend-exp 0.1.0
│ │ │ │ │ │ └── move-prover 0.1.0
│ │ │ │ │ └── boogie-backend 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ └── boogie-backend-exp 0.1.0
│ │ │ │ ├── boogie-backend-exp 0.1.0
│ │ │ │ ├── boogie-backend 0.1.0
│ │ │ │ └── abigen 0.1.0
│ │ │ │ ├── move-prover 0.1.0
│ │ │ │ └── diem-framework 0.1.0
│ │ │ ├── move-lang-ir-utils 0.1.0
│ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ ├── move-cli 0.1.0
│ │ │ ├── language-benchmarks 0.1.0
│ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ └── diem-framework 0.1.0
│ │ ├── language-benchmarks 0.1.0
│ │ └── diem-framework 0.1.0
│ ├── errmapgen 0.1.0
│ ├── docgen 0.1.0
│ ├── diem-framework 0.1.0
│ └── abigen 0.1.0
├── move-model 0.1.0
├── docgen 0.1.0
├── bytecode 0.1.0
└── abigen 0.1.0
Crate: base64ct
Version: 0.2.1
Warning: yanked
Dependency tree:
base64ct 0.2.1
├── pbkdf2 0.7.3
│ └── diem-wallet 0.1.0
│ └── cli 0.1.0
│ └── smoke-test 0.1.0
└── password-hash 0.1.1
└── pbkdf2 0.7.3
Crate: datatest-stable
Version: 0.1.0
Warning: yanked
Dependency tree:
datatest-stable 0.1.0
├── prover-lab 0.1.0
├── move-prover 0.1.0
│ ├── prover-lab 0.1.0
│ ├── move-stdlib 0.1.0
│ │ ├── smoke-test 0.1.0
│ │ ├── move-lang 0.0.1
│ │ │ ├── move-vm-runtime 0.1.0
│ │ │ │ ├── vm-genesis 0.1.0
│ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ │ ├── diem-mempool 0.1.0
│ │ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ │ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ │ │ └── diem-fuzz 0.1.0
│ │ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ │ │ ├── generate-format 0.1.0
│ │ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ └── consensus 0.1.0
│ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ └── diem-writeset-generator 0.1.0
│ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ └── language-e2e-testsuite 0.1.0
│ │ │ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ │ │ ├── test-generation 0.1.0
│ │ │ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ │ │ │ │ └── ir-testsuite 0.1.0
│ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ ├── genesis-viewer 0.1.0
│ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ │ │ └── consensus 0.1.0
│ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ │ │ ├── diem-swarm 0.1.0
│ │ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ │ ├── forge 0.0.0
│ │ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ ├── db-bootstrapper 0.1.0
│ │ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ └── consensus 0.1.0
│ │ │ │ ├── test-generation 0.1.0
│ │ │ │ ├── resource-viewer 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ ├── genesis-viewer 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ └── cli 0.1.0
│ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ ├── move-vm-test-utils 0.1.0
│ │ │ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ │ ├── move-cli 0.1.0
│ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ ├── diem-vm 0.1.0
│ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ ├── vm-genesis 0.1.0
│ │ │ │ │ ├── test-generation 0.1.0
│ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ ├── db-bootstrapper 0.1.0
│ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ ├── move-prover 0.1.0
│ │ │ ├── move-model 0.1.0
│ │ │ │ ├── prover-lab 0.1.0
│ │ │ │ ├── move-prover 0.1.0
│ │ │ │ ├── errmapgen 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ ├── move-explain 0.1.0
│ │ │ │ │ │ └── diem-json-rpc 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ └── diem-framework 0.1.0
│ │ │ │ │ ├── vm-genesis 0.1.0
│ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ │ │ ├── move-lang 0.0.1
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ └── cli 0.1.0
│ │ │ │ ├── docgen 0.1.0
│ │ │ │ │ ├── move-stdlib 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ └── diem-framework 0.1.0
│ │ │ │ ├── bytecode 0.1.0
│ │ │ │ │ ├── prover-lab 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ ├── docgen 0.1.0
│ │ │ │ │ ├── boogie-backend-exp 0.1.0
│ │ │ │ │ │ └── move-prover 0.1.0
│ │ │ │ │ └── boogie-backend 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ └── boogie-backend-exp 0.1.0
│ │ │ │ ├── boogie-backend-exp 0.1.0
│ │ │ │ ├── boogie-backend 0.1.0
│ │ │ │ └── abigen 0.1.0
│ │ │ │ ├── move-prover 0.1.0
│ │ │ │ └── diem-framework 0.1.0
│ │ │ ├── move-lang-ir-utils 0.1.0
│ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ ├── move-cli 0.1.0
│ │ │ ├── language-benchmarks 0.1.0
│ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ └── diem-framework 0.1.0
│ │ ├── language-benchmarks 0.1.0
│ │ └── diem-framework 0.1.0
│ ├── errmapgen 0.1.0
│ ├── docgen 0.1.0
│ ├── diem-framework 0.1.0
│ └── abigen 0.1.0
├── move-model 0.1.0
├── move-lang-test-utils 0.1.0
│ ├── move-lang-ir-utils 0.1.0
│ └── move-lang 0.0.1
├── move-lang-functional-tests 0.1.0
├── move-lang 0.0.1
├── move-cli 0.1.0
├── ir-testsuite 0.1.0
├── functional-tests 0.1.0
├── errmapgen 0.1.0
├── docgen 0.1.0
├── diem-fuzzer 0.1.0
├── diem-framework 0.1.0
├── bytecode 0.1.0
└── abigen 0.1.0
Crate: password-hash
Version: 0.1.1
Warning: yanked
Dependency tree:
password-hash 0.1.1
└── pbkdf2 0.7.3
└── diem-wallet 0.1.0
└── cli 0.1.0
└── smoke-test 0.1.0
warning: 3 allowed warnings found
Found vulnerability in container in job https://github.com/sausagee/libra/actions/runs/811973633
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| apt | CVE-2011-3374 | LOW | 1.8.2.2 | | It was found that apt-key in apt, |
| | | | | | all versions, do not correctly... |
| | | | | | -->avd.aquasec.com/nvd/cve-2011-3374 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| bash | CVE-2019-18276 | | 5.0-4 | | bash: when effective UID is not |
| | | | | | equal to its real UID the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-18276 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | TEMP-0841856-B18BAF | | | | -->security-tracker.debian.org/tracker/TEMP-0841856-B18BAF |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| coreutils | CVE-2016-2781 | | 8.30-3 | | coreutils: Non-privileged |
| | | | | | session can escape to the |
| | | | | | parent session in chroot |
| | | | | | -->avd.aquasec.com/nvd/cve-2016-2781 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2017-18018 | | | | coreutils: race condition |
| | | | | | vulnerability in chown and chgrp |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-18018 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| gcc-8-base | CVE-2018-12886 | HIGH | 8.3.0-6 | | gcc: spilling of stack |
| | | | | | protection address in cfgexpand.c |
| | | | | | and function.c leads to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-12886 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-15847 | | | | gcc: POWER9 "DARN" RNG intrinsic |
| | | | | | produces repeated output |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-15847 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| gpgv | CVE-2019-14855 | LOW | 2.2.12-1+deb10u1 | | gnupg2: OpenPGP Key Certification |
| | | | | | Forgeries with SHA-1 |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-14855 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| iproute2 | CVE-2019-20795 | MEDIUM | 4.20.0-2+deb10u1 | | iproute: use-after-free in |
| | | | | | get_netnsid_from_name in ip/ipnetns.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-20795 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libapt-pkg5.0 | CVE-2011-3374 | LOW | 1.8.2.2 | | It was found that apt-key in apt, |
| | | | | | all versions, do not correctly... |
| | | | | | -->avd.aquasec.com/nvd/cve-2011-3374 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libc-bin | CVE-2020-1751 | HIGH | 2.28-10 | | glibc: array overflow in |
| | | | | | backtrace functions for powerpc |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-1751 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-1752 | | | | glibc: use-after-free in glob() |
| | | | | | function when expanding ~user |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-1752 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2021-3326 | | | | glibc: Assertion failure in |
| | | | | | ISO-2022-JP-3 gconv module |
| | | | | | related to combining characters |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-3326 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2019-25013 | MEDIUM | | | glibc: buffer over-read in |
| | | | | | iconv when processing invalid |
| | | | | | multi-byte input sequences in... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-25013 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-10029 | | | | glibc: stack corruption |
| | | | | | from crafted input in cosl, |
| | | | | | sinl, sincosl, and tanl... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-10029 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-27618 | | | | glibc: iconv when processing |
| | | | | | invalid multi-byte input |
| | | | | | sequences fails to advance the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-27618 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2010-4051 | LOW | | | CVE-2010-4052 glibc: De-recursivise |
| | | | | | regular expression engine |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4051 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2010-4052 | | | | CVE-2010-4051 CVE-2010-4052 |
| | | | | | glibc: De-recursivise |
| | | | | | regular expression engine |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4052 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2010-4756 | | | | glibc: glob implementation |
| | | | | | can cause excessive CPU and |
| | | | | | memory consumption due to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2016-10228 | | | | glibc: iconv program can hang |
| | | | | | when invoked with the -c option |
| | | | | | -->avd.aquasec.com/nvd/cve-2016-10228 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in |
| | | | | | function check_dst_limits_calc_pos_1 |
| | | | | | in posix/regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF |
| | | | | | leads to code execution because of... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-1010024 | | | | glibc: ASLR bypass using |
| | | | | | cache of thread stack and heap |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-1010025 | | | | glibc: information disclosure of heap |
| | | | | | addresses of pthread_created thread |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-19126 | | | | glibc: LD_PREFER_MAP_32BIT_EXEC |
| | | | | | not ignored in setuid binaries |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19126 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in |
| | | | | | function check_dst_limits_calc_pos_1 |
| | | | | | in posix/regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-6096 | | | | glibc: signed comparison |
| | | | | | vulnerability in the |
| | | | | | ARMv7 memcpy function |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-6096 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2021-27645 | | | | glibc: Use-after-free in |
| | | | | | addgetnetgrentX function |
| | | | | | in netgroupcache.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-27645 |
+----------------+---------------------+----------+ +---------------+------------------------------------------------------------+
| libc6 | CVE-2020-1751 | HIGH | | | glibc: array overflow in |
| | | | | | backtrace functions for powerpc |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-1751 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-1752 | | | | glibc: use-after-free in glob() |
| | | | | | function when expanding ~user |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-1752 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2021-3326 | | | | glibc: Assertion failure in |
| | | | | | ISO-2022-JP-3 gconv module |
| | | | | | related to combining characters |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-3326 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2019-25013 | MEDIUM | | | glibc: buffer over-read in |
| | | | | | iconv when processing invalid |
| | | | | | multi-byte input sequences in... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-25013 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-10029 | | | | glibc: stack corruption |
| | | | | | from crafted input in cosl, |
| | | | | | sinl, sincosl, and tanl... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-10029 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-27618 | | | | glibc: iconv when processing |
| | | | | | invalid multi-byte input |
| | | | | | sequences fails to advance the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-27618 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2010-4051 | LOW | | | CVE-2010-4052 glibc: De-recursivise |
| | | | | | regular expression engine |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4051 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2010-4052 | | | | CVE-2010-4051 CVE-2010-4052 |
| | | | | | glibc: De-recursivise |
| | | | | | regular expression engine |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4052 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2010-4756 | | | | glibc: glob implementation |
| | | | | | can cause excessive CPU and |
| | | | | | memory consumption due to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2016-10228 | | | | glibc: iconv program can hang |
| | | | | | when invoked with the -c option |
| | | | | | -->avd.aquasec.com/nvd/cve-2016-10228 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in |
| | | | | | function check_dst_limits_calc_pos_1 |
| | | | | | in posix/regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF |
| | | | | | leads to code execution because of... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-1010024 | | | | glibc: ASLR bypass using |
| | | | | | cache of thread stack and heap |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-1010025 | | | | glibc: information disclosure of heap |
| | | | | | addresses of pthread_created thread |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-19126 | | | | glibc: LD_PREFER_MAP_32BIT_EXEC |
| | | | | | not ignored in setuid binaries |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19126 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in |
| | | | | | function check_dst_limits_calc_pos_1 |
| | | | | | in posix/regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-6096 | | | | glibc: signed comparison |
| | | | | | vulnerability in the |
| | | | | | ARMv7 memcpy function |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-6096 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2021-27645 | | | | glibc: Use-after-free in |
| | | | | | addgetnetgrentX function |
| | | | | | in netgroupcache.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-27645 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libgcc1 | CVE-2018-12886 | HIGH | 8.3.0-6 | | gcc: spilling of stack |
| | | | | | protection address in cfgexpand.c |
| | | | | | and function.c leads to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-12886 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-15847 | | | | gcc: POWER9 "DARN" RNG intrinsic |
| | | | | | produces repeated output |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-15847 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libgcrypt20 | CVE-2019-13627 | MEDIUM | 1.8.4-5 | | libgcrypt: ECDSA timing attack |
| | | | | | allowing private key leak |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-13627 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2018-6829 | LOW | | | libgcrypt: ElGamal implementation |
| | | | | | doesn't have semantic security due |
| | | | | | to incorrectly encoded plaintexts... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-6829 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libgnutls30 | CVE-2021-20231 | CRITICAL | 3.6.7-4+deb10u6 | | gnutls: Use after free in |
| | | | | | client key_share extension |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-20231 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2021-20232 | | | | gnutls: Use after free |
| | | | | | in client_send_params in |
| | | | | | lib/ext/pre_shared_key.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-20232 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2020-24659 | HIGH | | | gnutls: Heap buffer |
| | | | | | overflow in handshake with |
| | | | | | no_renegotiation alert sent |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-24659 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2011-3389 | LOW | | | HTTPS: block-wise chosen-plaintext |
| | | | | | attack against SSL/TLS (BEAST) |
| | | | | | -->avd.aquasec.com/nvd/cve-2011-3389 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libhogweed4 | CVE-2021-20305 | HIGH | 3.4.1-1 | | nettle: Out of bounds memory |
| | | | | | access in signature verification |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-20305 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| libidn2-0 | CVE-2019-12290 | | 2.0.5-1+deb10u1 | | GNU libidn2 before 2.2.0 |
| | | | | | fails to perform the roundtrip |
| | | | | | checks specified in... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-12290 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| liblz4-1 | CVE-2021-3520 | MEDIUM | 1.8.3-1 | | lz4: memory corruption |
| | | | | | due to an integer overflow |
| | | | | | bug caused by memmove... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-3520 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2019-17543 | LOW | | | lz4: heap-based buffer |
| | | | | | overflow in LZ4_write32 |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-17543 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libnettle6 | CVE-2021-20305 | HIGH | 3.4.1-1 | | nettle: Out of bounds memory |
| | | | | | access in signature verification |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-20305 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libpcre3 | CVE-2020-14155 | MEDIUM | 2:8.39-12 | | pcre: integer overflow in libpcre |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-14155 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2017-11164 | LOW | | | pcre: OP_KETRMAX feature in the |
| | | | | | match function in pcre_exec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-11164 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2017-16231 | | | | pcre: self-recursive call |
| | | | | | in match() in pcre_exec.c |
| | | | | | leads to denial of service... |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-16231 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2017-7245 | | | | pcre: stack-based buffer overflow |
| | | | | | write in pcre32_copy_substring |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-7245 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2017-7246 | | | | pcre: stack-based buffer overflow |
| | | | | | write in pcre32_copy_substring |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-7246 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-20838 | | | | pcre: buffer over-read in |
| | | | | | JIT when UTF is disabled |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-20838 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| libseccomp2 | CVE-2019-9893 | | 2.3.3-4 | | libseccomp: incorrect generation |
| | | | | | of syscall filters in libseccomp |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9893 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| libssl1.1 | CVE-2007-6755 | | 1.1.1d-0+deb10u6 | | Dual_EC_DRBG: weak pseudo |
| | | | | | random number generator |
| | | | | | -->avd.aquasec.com/nvd/cve-2007-6755 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2010-0928 | | | | openssl: RSA authentication weakness |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-0928 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libstdc++6 | CVE-2018-12886 | HIGH | 8.3.0-6 | | gcc: spilling of stack |
| | | | | | protection address in cfgexpand.c |
| | | | | | and function.c leads to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-12886 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-15847 | | | | gcc: POWER9 "DARN" RNG intrinsic |
| | | | | | produces repeated output |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-15847 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| libsystemd0 | CVE-2019-3843 | | 241-7~deb10u7 | | systemd: services with DynamicUser |
| | | | | | can create SUID/SGID binaries |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-3843 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-3844 | | | | systemd: services with DynamicUser |
| | | | | | can get new privileges and |
| | | | | | create SGID binaries... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-3844 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2013-4392 | LOW | | | systemd: TOCTOU race condition |
| | | | | | when updating file permissions |
| | | | | | and SELinux security contexts... |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-4392 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-20386 | | | | systemd: memory leak in button_open() |
| | | | | | in login/logind-button.c when |
| | | | | | udev events are received... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-20386 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-13776 | | | | systemd: Mishandles numerical |
| | | | | | usernames beginning with decimal |
| | | | | | digits or 0x followed by... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-13776 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| libtasn1-6 | CVE-2018-1000654 | | 4.13-3 | | libtasn1: Infinite loop in |
| | | | | | _asn1_expand_object_id(ptree) |
| | | | | | leads to memory exhaustion |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-1000654 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libudev1 | CVE-2019-3843 | HIGH | 241-7~deb10u7 | | systemd: services with DynamicUser |
| | | | | | can create SUID/SGID binaries |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-3843 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-3844 | | | | systemd: services with DynamicUser |
| | | | | | can get new privileges and |
| | | | | | create SGID binaries... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-3844 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2013-4392 | LOW | | | systemd: TOCTOU race condition |
| | | | | | when updating file permissions |
| | | | | | and SELinux security contexts... |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-4392 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-20386 | | | | systemd: memory leak in button_open() |
| | | | | | in login/logind-button.c when |
| | | | | | udev events are received... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-20386 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-13776 | | | | systemd: Mishandles numerical |
| | | | | | usernames beginning with decimal |
| | | | | | digits or 0x followed by... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-13776 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| libxtables12 | CVE-2012-2663 | | 1.8.2-4 | | iptables: --syn flag bypass |
| | | | | | -->avd.aquasec.com/nvd/cve-2012-2663 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-11360 | | | | iptables: buffer overflow |
| | | | | | in iptables-restore |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-11360 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| login | CVE-2007-5686 | | 1:4.5-1.1 | | initscripts in rPath Linux 1 |
| | | | | | sets insecure permissions for |
| | | | | | the /var/log/btmp file,... |
| | | | | | -->avd.aquasec.com/nvd/cve-2007-5686 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2013-4235 | | | | shadow-utils: TOCTOU race |
| | | | | | conditions by copying and |
| | | | | | removing directory trees |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-4235 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2018-7169 | | | | shadow-utils: newgidmap |
| | | | | | allows unprivileged user to |
| | | | | | drop supplementary groups |
| | | | | | potentially allowing privilege... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-7169 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-19882 | | | | shadow-utils: local users can |
| | | | | | obtain root access because setuid |
| | | | | | programs are misconfigured... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19882 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | TEMP-0628843-DBAD28 | | | | -->security-tracker.debian.org/tracker/TEMP-0628843-DBAD28 |
+----------------+---------------------+ + +---------------+------------------------------------------------------------+
| passwd | CVE-2007-5686 | | | | initscripts in rPath Linux 1 |
| | | | | | sets insecure permissions for |
| | | | | | the /var/log/btmp file,... |
| | | | | | -->avd.aquasec.com/nvd/cve-2007-5686 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2013-4235 | | | | shadow-utils: TOCTOU race |
| | | | | | conditions by copying and |
| | | | | | removing directory trees |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-4235 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2018-7169 | | | | shadow-utils: newgidmap |
| | | | | | allows unprivileged user to |
| | | | | | drop supplementary groups |
| | | | | | potentially allowing privilege... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-7169 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-19882 | | | | shadow-utils: local users can |
| | | | | | obtain root access because setuid |
| | | | | | programs are misconfigured... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19882 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | TEMP-0628843-DBAD28 | | | | -->security-tracker.debian.org/tracker/TEMP-0628843-DBAD28 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| perl-base | CVE-2011-4116 | | 5.28.1-6+deb10u1 | | perl: File::Temp insecure |
| | | | | | temporary file handling |
| | | | | | -->avd.aquasec.com/nvd/cve-2011-4116 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| sysvinit-utils | TEMP-0517018-A83CE6 | | 2.93-8 | | -->security-tracker.debian.org/tracker/TEMP-0517018-A83CE6 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| tar | CVE-2005-2541 | | 1.30+dfsg-6 | | Tar 1.15.1 does not |
| | | | | | properly warn the user when |
| | | | | | extracting setuid or... |
| | | | | | -->avd.aquasec.com/nvd/cve-2005-2541 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-9923 | | | | tar: null-pointer dereference |
| | | | | | in pax_decode_header in sparse.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9923 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2021-20193 | | | | tar: Memory leak in |
| | | | | | read_header() in list.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-20193 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | TEMP-0290435-0B57B5 | | | | -->security-tracker.debian.org/tracker/TEMP-0290435-0B57B5 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
Found container vulnerability in job https://github.com/sausagee/libra/actions/runs/811835528
diem/validator:devnet (debian 10.9)
===================================
Total: 101 (UNKNOWN: 0, LOW: 69, MEDIUM: 10, HIGH: 20, CRITICAL: 2)
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| apt | CVE-2011-3374 | LOW | 1.8.2.2 | | It was found that apt-key in apt, |
| | | | | | all versions, do not correctly... |
| | | | | | -->avd.aquasec.com/nvd/cve-2011-3374 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| bash | CVE-2019-18276 | | 5.0-4 | | bash: when effective UID is not |
| | | | | | equal to its real UID the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-18276 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | TEMP-0841856-B18BAF | | | | -->security-tracker.debian.org/tracker/TEMP-0841856-B18BAF |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| coreutils | CVE-2016-2781 | | 8.30-3 | | coreutils: Non-privileged |
| | | | | | session can escape to the |
| | | | | | parent session in chroot |
| | | | | | -->avd.aquasec.com/nvd/cve-2016-2781 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2017-18018 | | | | coreutils: race condition |
| | | | | | vulnerability in chown and chgrp |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-18018 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| gcc-8-base | CVE-2018-12886 | HIGH | 8.3.0-6 | | gcc: spilling of stack |
| | | | | | protection address in cfgexpand.c |
| | | | | | and function.c leads to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-12886 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-15847 | | | | gcc: POWER9 "DARN" RNG intrinsic |
| | | | | | produces repeated output |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-15847 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| gpgv | CVE-2019-14855 | LOW | 2.2.12-1+deb10u1 | | gnupg2: OpenPGP Key Certification |
| | | | | | Forgeries with SHA-1 |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-14855 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| iproute2 | CVE-2019-20795 | MEDIUM | 4.20.0-2+deb10u1 | | iproute: use-after-free in |
| | | | | | get_netnsid_from_name in ip/ipnetns.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-20795 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libapt-pkg5.0 | CVE-2011-3374 | LOW | 1.8.2.2 | | It was found that apt-key in apt, |
| | | | | | all versions, do not correctly... |
| | | | | | -->avd.aquasec.com/nvd/cve-2011-3374 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libc-bin | CVE-2020-1751 | HIGH | 2.28-10 | | glibc: array overflow in |
| | | | | | backtrace functions for powerpc |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-1751 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-1752 | | | | glibc: use-after-free in glob() |
| | | | | | function when expanding ~user |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-1752 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2021-3326 | | | | glibc: Assertion failure in |
| | | | | | ISO-2022-JP-3 gconv module |
| | | | | | related to combining characters |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-3326 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2019-25013 | MEDIUM | | | glibc: buffer over-read in |
| | | | | | iconv when processing invalid |
| | | | | | multi-byte input sequences in... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-25013 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-10029 | | | | glibc: stack corruption |
| | | | | | from crafted input in cosl, |
| | | | | | sinl, sincosl, and tanl... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-10029 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-27618 | | | | glibc: iconv when processing |
| | | | | | invalid multi-byte input |
| | | | | | sequences fails to advance the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-27618 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2010-4051 | LOW | | | CVE-2010-4052 glibc: De-recursivise |
| | | | | | regular expression engine |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4051 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2010-4052 | | | | CVE-2010-4051 CVE-2010-4052 |
| | | | | | glibc: De-recursivise |
| | | | | | regular expression engine |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4052 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2010-4756 | | | | glibc: glob implementation |
| | | | | | can cause excessive CPU and |
| | | | | | memory consumption due to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2016-10228 | | | | glibc: iconv program can hang |
| | | | | | when invoked with the -c option |
| | | | | | -->avd.aquasec.com/nvd/cve-2016-10228 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in |
| | | | | | function check_dst_limits_calc_pos_1 |
| | | | | | in posix/regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF |
| | | | | | leads to code execution because of... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-1010024 | | | | glibc: ASLR bypass using |
| | | | | | cache of thread stack and heap |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-1010025 | | | | glibc: information disclosure of heap |
| | | | | | addresses of pthread_created thread |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-19126 | | | | glibc: LD_PREFER_MAP_32BIT_EXEC |
| | | | | | not ignored in setuid binaries |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19126 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in |
| | | | | | function check_dst_limits_calc_pos_1 |
| | | | | | in posix/regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-6096 | | | | glibc: signed comparison |
| | | | | | vulnerability in the |
| | | | | | ARMv7 memcpy function |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-6096 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2021-27645 | | | | glibc: Use-after-free in |
| | | | | | addgetnetgrentX function |
| | | | | | in netgroupcache.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-27645 |
+----------------+---------------------+----------+ +---------------+------------------------------------------------------------+
| libc6 | CVE-2020-1751 | HIGH | | | glibc: array overflow in |
| | | | | | backtrace functions for powerpc |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-1751 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-1752 | | | | glibc: use-after-free in glob() |
| | | | | | function when expanding ~user |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-1752 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2021-3326 | | | | glibc: Assertion failure in |
| | | | | | ISO-2022-JP-3 gconv module |
| | | | | | related to combining characters |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-3326 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2019-25013 | MEDIUM | | | glibc: buffer over-read in |
| | | | | | iconv when processing invalid |
| | | | | | multi-byte input sequences in... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-25013 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-10029 | | | | glibc: stack corruption |
| | | | | | from crafted input in cosl, |
| | | | | | sinl, sincosl, and tanl... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-10029 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-27618 | | | | glibc: iconv when processing |
| | | | | | invalid multi-byte input |
| | | | | | sequences fails to advance the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-27618 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2010-4051 | LOW | | | CVE-2010-4052 glibc: De-recursivise |
| | | | | | regular expression engine |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4051 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2010-4052 | | | | CVE-2010-4051 CVE-2010-4052 |
| | | | | | glibc: De-recursivise |
| | | | | | regular expression engine |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4052 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2010-4756 | | | | glibc: glob implementation |
| | | | | | can cause excessive CPU and |
| | | | | | memory consumption due to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2016-10228 | | | | glibc: iconv program can hang |
| | | | | | when invoked with the -c option |
| | | | | | -->avd.aquasec.com/nvd/cve-2016-10228 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in |
| | | | | | function check_dst_limits_calc_pos_1 |
| | | | | | in posix/regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF |
| | | | | | leads to code execution because of... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-1010024 | | | | glibc: ASLR bypass using |
| | | | | | cache of thread stack and heap |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-1010025 | | | | glibc: information disclosure of heap |
| | | | | | addresses of pthread_created thread |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-19126 | | | | glibc: LD_PREFER_MAP_32BIT_EXEC |
| | | | | | not ignored in setuid binaries |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19126 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in |
| | | | | | function check_dst_limits_calc_pos_1 |
| | | | | | in posix/regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-6096 | | | | glibc: signed comparison |
| | | | | | vulnerability in the |
| | | | | | ARMv7 memcpy function |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-6096 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2021-27645 | | | | glibc: Use-after-free in |
| | | | | | addgetnetgrentX function |
| | | | | | in netgroupcache.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-27645 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libgcc1 | CVE-2018-12886 | HIGH | 8.3.0-6 | | gcc: spilling of stack |
| | | | | | protection address in cfgexpand.c |
| | | | | | and function.c leads to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-12886 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-15847 | | | | gcc: POWER9 "DARN" RNG intrinsic |
| | | | | | produces repeated output |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-15847 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libgcrypt20 | CVE-2019-13627 | MEDIUM | 1.8.4-5 | | libgcrypt: ECDSA timing attack |
| | | | | | allowing private key leak |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-13627 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2018-6829 | LOW | | | libgcrypt: ElGamal implementation |
| | | | | | doesn't have semantic security due |
| | | | | | to incorrectly encoded plaintexts... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-6829 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libgnutls30 | CVE-2021-20231 | CRITICAL | 3.6.7-4+deb10u6 | | gnutls: Use after free in |
| | | | | | client key_share extension |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-20231 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2021-20232 | | | | gnutls: Use after free |
| | | | | | in client_send_params in |
| | | | | | lib/ext/pre_shared_key.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-20232 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2020-24659 | HIGH | | | gnutls: Heap buffer |
| | | | | | overflow in handshake with |
| | | | | | no_renegotiation alert sent |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-24659 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2011-3389 | LOW | | | HTTPS: block-wise chosen-plaintext |
| | | | | | attack against SSL/TLS (BEAST) |
| | | | | | -->avd.aquasec.com/nvd/cve-2011-3389 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libhogweed4 | CVE-2021-20305 | HIGH | 3.4.1-1 | | nettle: Out of bounds memory |
| | | | | | access in signature verification |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-20305 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| libidn2-0 | CVE-2019-12290 | | 2.0.5-1+deb10u1 | | GNU libidn2 before 2.2.0 |
| | | | | | fails to perform the roundtrip |
| | | | | | checks specified in... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-12290 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| liblz4-1 | CVE-2021-3520 | MEDIUM | 1.8.3-1 | | lz4: memory corruption |
| | | | | | due to an integer overflow |
| | | | | | bug caused by memmove... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-3520 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2019-17543 | LOW | | | lz4: heap-based buffer |
| | | | | | overflow in LZ4_write32 |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-17543 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libnettle6 | CVE-2021-20305 | HIGH | 3.4.1-1 | | nettle: Out of bounds memory |
| | | | | | access in signature verification |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-20305 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libpcre3 | CVE-2020-14155 | MEDIUM | 2:8.39-12 | | pcre: integer overflow in libpcre |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-14155 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2017-11164 | LOW | | | pcre: OP_KETRMAX feature in the |
| | | | | | match function in pcre_exec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-11164 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2017-16231 | | | | pcre: self-recursive call |
| | | | | | in match() in pcre_exec.c |
| | | | | | leads to denial of service... |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-16231 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2017-7245 | | | | pcre: stack-based buffer overflow |
| | | | | | write in pcre32_copy_substring |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-7245 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2017-7246 | | | | pcre: stack-based buffer overflow |
| | | | | | write in pcre32_copy_substring |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-7246 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-20838 | | | | pcre: buffer over-read in |
| | | | | | JIT when UTF is disabled |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-20838 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| libseccomp2 | CVE-2019-9893 | | 2.3.3-4 | | libseccomp: incorrect generation |
| | | | | | of syscall filters in libseccomp |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9893 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| libssl1.1 | CVE-2007-6755 | | 1.1.1d-0+deb10u6 | | Dual_EC_DRBG: weak pseudo |
| | | | | | random number generator |
| | | | | | -->avd.aquasec.com/nvd/cve-2007-6755 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2010-0928 | | | | openssl: RSA authentication weakness |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-0928 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libstdc++6 | CVE-2018-12886 | HIGH | 8.3.0-6 | | gcc: spilling of stack |
| | | | | | protection address in cfgexpand.c |
| | | | | | and function.c leads to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-12886 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-15847 | | | | gcc: POWER9 "DARN" RNG intrinsic |
| | | | | | produces repeated output |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-15847 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| libsystemd0 | CVE-2019-3843 | | 241-7~deb10u7 | | systemd: services with DynamicUser |
| | | | | | can create SUID/SGID binaries |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-3843 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-3844 | | | | systemd: services with DynamicUser |
| | | | | | can get new privileges and |
| | | | | | create SGID binaries... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-3844 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2013-4392 | LOW | | | systemd: TOCTOU race condition |
| | | | | | when updating file permissions |
| | | | | | and SELinux security contexts... |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-4392 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-20386 | | | | systemd: memory leak in button_open() |
| | | | | | in login/logind-button.c when |
| | | | | | udev events are received... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-20386 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-13776 | | | | systemd: Mishandles numerical |
| | | | | | usernames beginning with decimal |
| | | | | | digits or 0x followed by... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-13776 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| libtasn1-6 | CVE-2018-1000654 | | 4.13-3 | | libtasn1: Infinite loop in |
| | | | | | _asn1_expand_object_id(ptree) |
| | | | | | leads to memory exhaustion |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-1000654 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libudev1 | CVE-2019-3843 | HIGH | 241-7~deb10u7 | | systemd: services with DynamicUser |
| | | | | | can create SUID/SGID binaries |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-3843 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-3844 | | | | systemd: services with DynamicUser |
| | | | | | can get new privileges and |
| | | | | | create SGID binaries... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-3844 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2013-4392 | LOW | | | systemd: TOCTOU race condition |
| | | | | | when updating file permissions |
| | | | | | and SELinux security contexts... |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-4392 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-20386 | | | | systemd: memory leak in button_open() |
| | | | | | in login/logind-button.c when |
| | | | | | udev events are received... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-20386 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-13776 | | | | systemd: Mishandles numerical |
| | | | | | usernames beginning with decimal |
| | | | | | digits or 0x followed by... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-13776 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| libxtables12 | CVE-2012-2663 | | 1.8.2-4 | | iptables: --syn flag bypass |
| | | | | | -->avd.aquasec.com/nvd/cve-2012-2663 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-11360 | | | | iptables: buffer overflow |
| | | | | | in iptables-restore |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-11360 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| login | CVE-2007-5686 | | 1:4.5-1.1 | | initscripts in rPath Linux 1 |
| | | | | | sets insecure permissions for |
| | | | | | the /var/log/btmp file,... |
| | | | | | -->avd.aquasec.com/nvd/cve-2007-5686 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2013-4235 | | | | shadow-utils: TOCTOU race |
| | | | | | conditions by copying and |
| | | | | | removing directory trees |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-4235 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2018-7169 | | | | shadow-utils: newgidmap |
| | | | | | allows unprivileged user to |
| | | | | | drop supplementary groups |
| | | | | | potentially allowing privilege... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-7169 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-19882 | | | | shadow-utils: local users can |
| | | | | | obtain root access because setuid |
| | | | | | programs are misconfigured... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19882 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | TEMP-0628843-DBAD28 | | | | -->security-tracker.debian.org/tracker/TEMP-0628843-DBAD28 |
+----------------+---------------------+ + +---------------+------------------------------------------------------------+
| passwd | CVE-2007-5686 | | | | initscripts in rPath Linux 1 |
| | | | | | sets insecure permissions for |
| | | | | | the /var/log/btmp file,... |
| | | | | | -->avd.aquasec.com/nvd/cve-2007-5686 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2013-4235 | | | | shadow-utils: TOCTOU race |
| | | | | | conditions by copying and |
| | | | | | removing directory trees |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-4235 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2018-7169 | | | | shadow-utils: newgidmap |
| | | | | | allows unprivileged user to |
| | | | | | drop supplementary groups |
| | | | | | potentially allowing privilege... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-7169 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-19882 | | | | shadow-utils: local users can |
| | | | | | obtain root access because setuid |
| | | | | | programs are misconfigured... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19882 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | TEMP-0628843-DBAD28 | | | | -->security-tracker.debian.org/tracker/TEMP-0628843-DBAD28 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| perl-base | CVE-2011-4116 | | 5.28.1-6+deb10u1 | | perl: File::Temp insecure |
| | | | | | temporary file handling |
| | | | | | -->avd.aquasec.com/nvd/cve-2011-4116 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| sysvinit-utils | TEMP-0517018-A83CE6 | | 2.93-8 | | -->security-tracker.debian.org/tracker/TEMP-0517018-A83CE6 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| tar | CVE-2005-2541 | | 1.30+dfsg-6 | | Tar 1.15.1 does not |
| | | | | | properly warn the user when |
| | | | | | extracting setuid or... |
| | | | | | -->avd.aquasec.com/nvd/cve-2005-2541 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-9923 | | | | tar: null-pointer dereference |
| | | | | | in pax_decode_header in sparse.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9923 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2021-20193 | | | | tar: Memory leak in |
| | | | | | read_header() in list.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-20193 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | TEMP-0290435-0B57B5 | | | | -->security-tracker.debian.org/tracker/TEMP-0290435-0B57B5 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
Found RUSTSEC in dependencies in job https://github.com/sausagee/libra/actions/runs/772397970
Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
Loaded 289 security advisories (from /opt/cargo/advisory-db)
Updating crates.io index
Scanning Cargo.lock for vulnerabilities (673 crate dependencies)
Crate: difference
Version: 2.0.0
Warning: unmaintained
Title: difference is unmaintained
Date: 2020-12-20
ID: RUSTSEC-2020-0095
URL: https://rustsec.org/advisories/RUSTSEC-2020-0095
Dependency tree:
difference 2.0.0
├── move-lang 0.0.1
│ ├── move-vm-runtime 0.1.0
│ │ ├── vm-genesis 0.1.0
│ │ │ ├── vm-validator 0.1.0
│ │ │ │ ├── diem-mempool 0.1.0
│ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ └── diem-fuzz 0.1.0
│ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ ├── generate-format 0.1.0
│ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ └── consensus 0.1.0
│ │ │ ├── state-sync 0.1.0
│ │ │ ├── move-cli 0.1.0
│ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ └── diem-writeset-generator 0.1.0
│ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ └── language-e2e-testsuite 0.1.0
│ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ ├── test-generation 0.1.0
│ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ │ │ └── ir-testsuite 0.1.0
│ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ ├── genesis-viewer 0.1.0
│ │ │ ├── functional-tests 0.1.0
│ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ ├── state-sync 0.1.0
│ │ │ │ ├── executor 0.1.0
│ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ └── consensus 0.1.0
│ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ ├── diem-swarm 0.1.0
│ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ ├── forge 0.0.0
│ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ ├── db-bootstrapper 0.1.0
│ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ ├── consensus 0.1.0
│ │ │ │ └── backup-cli 0.1.0
│ │ │ ├── executor 0.1.0
│ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ ├── diem-json-rpc 0.1.0
│ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ └── consensus 0.1.0
│ │ ├── test-generation 0.1.0
│ │ ├── resource-viewer 0.1.0
│ │ │ ├── move-cli 0.1.0
│ │ │ ├── genesis-viewer 0.1.0
│ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ └── cli 0.1.0
│ │ │ └── smoke-test 0.1.0
│ │ ├── move-vm-test-utils 0.1.0
│ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ └── diem-transaction-replay 0.1.0
│ │ ├── move-vm-integration-tests 0.1.0
│ │ ├── move-cli 0.1.0
│ │ ├── language-e2e-testsuite 0.1.0
│ │ ├── language-e2e-tests 0.1.0
│ │ ├── language-benchmarks 0.1.0
│ │ ├── diem-writeset-generator 0.1.0
│ │ ├── diem-vm 0.1.0
│ │ │ ├── vm-validator 0.1.0
│ │ │ ├── vm-genesis 0.1.0
│ │ │ ├── test-generation 0.1.0
│ │ │ ├── state-sync 0.1.0
│ │ │ ├── move-cli 0.1.0
│ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ ├── language-e2e-tests 0.1.0
│ │ │ ├── language-benchmarks 0.1.0
│ │ │ ├── functional-tests 0.1.0
│ │ │ ├── executor-test-helpers 0.1.0
│ │ │ ├── executor-benchmark 0.1.0
│ │ │ ├── executor 0.1.0
│ │ │ ├── execution-correctness 0.1.0
│ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ ├── diem-node 0.1.0
│ │ │ ├── diem-key-manager 0.1.0
│ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ ├── db-bootstrapper 0.1.0
│ │ │ ├── consensus 0.1.0
│ │ │ └── backup-cli 0.1.0
│ │ └── diem-transaction-replay 0.1.0
│ ├── move-vm-integration-tests 0.1.0
│ ├── move-prover 0.1.0
│ │ ├── prover-lab 0.1.0
│ │ ├── move-stdlib 0.1.0
│ │ │ ├── smoke-test 0.1.0
│ │ │ ├── move-lang 0.0.1
│ │ │ ├── language-benchmarks 0.1.0
│ │ │ └── diem-framework 0.1.0
│ │ │ ├── vm-genesis 0.1.0
│ │ │ ├── smoke-test 0.1.0
│ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ ├── move-lang 0.0.1
│ │ │ ├── move-cli 0.1.0
│ │ │ ├── functional-tests 0.1.0
│ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ └── cli 0.1.0
│ │ ├── errmapgen 0.1.0
│ │ │ ├── move-prover 0.1.0
│ │ │ ├── move-explain 0.1.0
│ │ │ │ └── diem-json-rpc 0.1.0
│ │ │ ├── move-cli 0.1.0
│ │ │ └── diem-framework 0.1.0
│ │ ├── docgen 0.1.0
│ │ │ ├── move-stdlib 0.1.0
│ │ │ ├── move-prover 0.1.0
│ │ │ └── diem-framework 0.1.0
│ │ ├── diem-framework 0.1.0
│ │ └── abigen 0.1.0
│ │ ├── move-prover 0.1.0
│ │ └── diem-framework 0.1.0
│ ├── move-model 0.1.0
│ │ ├── prover-lab 0.1.0
│ │ ├── move-prover 0.1.0
│ │ ├── errmapgen 0.1.0
│ │ ├── docgen 0.1.0
│ │ ├── bytecode 0.1.0
│ │ │ ├── prover-lab 0.1.0
│ │ │ ├── move-prover 0.1.0
│ │ │ ├── docgen 0.1.0
│ │ │ ├── boogie-backend-exp 0.1.0
│ │ │ │ └── move-prover 0.1.0
│ │ │ └── boogie-backend 0.1.0
│ │ │ ├── move-prover 0.1.0
│ │ │ └── boogie-backend-exp 0.1.0
│ │ ├── boogie-backend-exp 0.1.0
│ │ ├── boogie-backend 0.1.0
│ │ └── abigen 0.1.0
│ ├── move-lang-ir-utils 0.1.0
│ ├── move-lang-functional-tests 0.1.0
│ ├── move-cli 0.1.0
│ ├── language-benchmarks 0.1.0
│ ├── diem-writeset-generator 0.1.0
│ ├── diem-transaction-replay 0.1.0
│ └── diem-framework 0.1.0
├── move-cli 0.1.0
├── goldenfile 1.1.0
│ └── language-e2e-tests 0.1.0
├── functional-tests 0.1.0
├── diem-transaction-replay 0.1.0
└── colored-diff 0.2.2
└── x 0.1.0
Crate: stdweb
Version: 0.4.20
Warning: unmaintained
Title: stdweb is unmaintained
Date: 2020-05-04
ID: RUSTSEC-2020-0056
URL: https://rustsec.org/advisories/RUSTSEC-2020-0056
Dependency tree:
stdweb 0.4.20
└── time 0.2.25
Crate: term
Version: 0.5.2
Warning: unmaintained
Title: term is looking for a new maintainer
Date: 2018-11-19
ID: RUSTSEC-2018-0015
URL: https://rustsec.org/advisories/RUSTSEC-2018-0015
Dependency tree:
term 0.5.2
└── prettytable-rs 0.8.0
└── prettydiff 0.4.0
└── move-prover-test-utils 0.1.0
├── prover-lab 0.1.0
├── move-prover 0.1.0
│ ├── prover-lab 0.1.0
│ ├── move-stdlib 0.1.0
│ │ ├── smoke-test 0.1.0
│ │ ├── move-lang 0.0.1
│ │ │ ├── move-vm-runtime 0.1.0
│ │ │ │ ├── vm-genesis 0.1.0
│ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ │ ├── diem-mempool 0.1.0
│ │ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ │ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ │ │ └── diem-fuzz 0.1.0
│ │ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ │ │ ├── generate-format 0.1.0
│ │ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ └── consensus 0.1.0
│ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ └── diem-writeset-generator 0.1.0
│ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ └── language-e2e-testsuite 0.1.0
│ │ │ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ │ │ ├── test-generation 0.1.0
│ │ │ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ │ │ │ │ └── ir-testsuite 0.1.0
│ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ ├── genesis-viewer 0.1.0
│ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ │ │ └── consensus 0.1.0
│ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ │ │ ├── diem-swarm 0.1.0
│ │ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ │ ├── forge 0.0.0
│ │ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ ├── db-bootstrapper 0.1.0
│ │ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ └── consensus 0.1.0
│ │ │ │ ├── test-generation 0.1.0
│ │ │ │ ├── resource-viewer 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ ├── genesis-viewer 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ └── cli 0.1.0
│ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ ├── move-vm-test-utils 0.1.0
│ │ │ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ │ ├── move-cli 0.1.0
│ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ ├── diem-vm 0.1.0
│ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ ├── vm-genesis 0.1.0
│ │ │ │ │ ├── test-generation 0.1.0
│ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ ├── db-bootstrapper 0.1.0
│ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ ├── move-prover 0.1.0
│ │ │ ├── move-model 0.1.0
│ │ │ │ ├── prover-lab 0.1.0
│ │ │ │ ├── move-prover 0.1.0
│ │ │ │ ├── errmapgen 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ ├── move-explain 0.1.0
│ │ │ │ │ │ └── diem-json-rpc 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ └── diem-framework 0.1.0
│ │ │ │ │ ├── vm-genesis 0.1.0
│ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ │ │ ├── move-lang 0.0.1
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ └── cli 0.1.0
│ │ │ │ ├── docgen 0.1.0
│ │ │ │ │ ├── move-stdlib 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ └── diem-framework 0.1.0
│ │ │ │ ├── bytecode 0.1.0
│ │ │ │ │ ├── prover-lab 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ ├── docgen 0.1.0
│ │ │ │ │ ├── boogie-backend-exp 0.1.0
│ │ │ │ │ │ └── move-prover 0.1.0
│ │ │ │ │ └── boogie-backend 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ └── boogie-backend-exp 0.1.0
│ │ │ │ ├── boogie-backend-exp 0.1.0
│ │ │ │ ├── boogie-backend 0.1.0
│ │ │ │ └── abigen 0.1.0
│ │ │ │ ├── move-prover 0.1.0
│ │ │ │ └── diem-framework 0.1.0
│ │ │ ├── move-lang-ir-utils 0.1.0
│ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ ├── move-cli 0.1.0
│ │ │ ├── language-benchmarks 0.1.0
│ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ └── diem-framework 0.1.0
│ │ ├── language-benchmarks 0.1.0
│ │ └── diem-framework 0.1.0
│ ├── errmapgen 0.1.0
│ ├── docgen 0.1.0
│ ├── diem-framework 0.1.0
│ └── abigen 0.1.0
├── move-model 0.1.0
├── docgen 0.1.0
├── bytecode 0.1.0
└── abigen 0.1.0
Crate: base64ct
Version: 0.2.1
Warning: yanked
Dependency tree:
base64ct 0.2.1
├── pbkdf2 0.7.3
│ └── diem-wallet 0.1.0
│ └── cli 0.1.0
│ └── smoke-test 0.1.0
└── password-hash 0.1.1
└── pbkdf2 0.7.3
Crate: datatest-stable
Version: 0.1.0
Warning: yanked
Dependency tree:
datatest-stable 0.1.0
├── prover-lab 0.1.0
├── move-prover 0.1.0
│ ├── prover-lab 0.1.0
│ ├── move-stdlib 0.1.0
│ │ ├── smoke-test 0.1.0
│ │ ├── move-lang 0.0.1
│ │ │ ├── move-vm-runtime 0.1.0
│ │ │ │ ├── vm-genesis 0.1.0
│ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ │ ├── diem-mempool 0.1.0
│ │ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ │ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ │ │ └── diem-fuzz 0.1.0
│ │ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ │ │ ├── generate-format 0.1.0
│ │ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ └── consensus 0.1.0
│ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ └── diem-writeset-generator 0.1.0
│ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ └── language-e2e-testsuite 0.1.0
│ │ │ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ │ │ ├── test-generation 0.1.0
│ │ │ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ │ │ │ │ └── ir-testsuite 0.1.0
│ │ │ │ │ │ └── diem-fuzzer 0.1.0
│ │ │ │ │ ├── genesis-viewer 0.1.0
│ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ │ │ └── consensus 0.1.0
│ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ │ │ ├── diem-swarm 0.1.0
│ │ │ │ │ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ │ │ │ │ ├── forge 0.0.0
│ │ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ │ │ │ └── cluster-test 0.1.0
│ │ │ │ │ │ │ ├── diem-fuzzer 0.1.0
│ │ │ │ │ │ │ ├── db-bootstrapper 0.1.0
│ │ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ ├── diem-json-rpc 0.1.0
│ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ └── consensus 0.1.0
│ │ │ │ ├── test-generation 0.1.0
│ │ │ │ ├── resource-viewer 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ ├── genesis-viewer 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ └── cli 0.1.0
│ │ │ │ │ └── smoke-test 0.1.0
│ │ │ │ ├── move-vm-test-utils 0.1.0
│ │ │ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ │ ├── move-cli 0.1.0
│ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ ├── diem-vm 0.1.0
│ │ │ │ │ ├── vm-validator 0.1.0
│ │ │ │ │ ├── vm-genesis 0.1.0
│ │ │ │ │ ├── test-generation 0.1.0
│ │ │ │ │ ├── state-sync 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ ├── language-e2e-testsuite 0.1.0
│ │ │ │ │ ├── language-e2e-tests 0.1.0
│ │ │ │ │ ├── language-benchmarks 0.1.0
│ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── executor-test-helpers 0.1.0
│ │ │ │ │ ├── executor-benchmark 0.1.0
│ │ │ │ │ ├── executor 0.1.0
│ │ │ │ │ ├── execution-correctness 0.1.0
│ │ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ ├── diem-node 0.1.0
│ │ │ │ │ ├── diem-key-manager 0.1.0
│ │ │ │ │ ├── diem-genesis-tool 0.1.0
│ │ │ │ │ ├── db-bootstrapper 0.1.0
│ │ │ │ │ ├── consensus 0.1.0
│ │ │ │ │ └── backup-cli 0.1.0
│ │ │ │ └── diem-transaction-replay 0.1.0
│ │ │ ├── move-vm-integration-tests 0.1.0
│ │ │ ├── move-prover 0.1.0
│ │ │ ├── move-model 0.1.0
│ │ │ │ ├── prover-lab 0.1.0
│ │ │ │ ├── move-prover 0.1.0
│ │ │ │ ├── errmapgen 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ ├── move-explain 0.1.0
│ │ │ │ │ │ └── diem-json-rpc 0.1.0
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ └── diem-framework 0.1.0
│ │ │ │ │ ├── vm-genesis 0.1.0
│ │ │ │ │ ├── smoke-test 0.1.0
│ │ │ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ │ │ ├── move-lang 0.0.1
│ │ │ │ │ ├── move-cli 0.1.0
│ │ │ │ │ ├── functional-tests 0.1.0
│ │ │ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ │ │ └── cli 0.1.0
│ │ │ │ ├── docgen 0.1.0
│ │ │ │ │ ├── move-stdlib 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ └── diem-framework 0.1.0
│ │ │ │ ├── bytecode 0.1.0
│ │ │ │ │ ├── prover-lab 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ ├── docgen 0.1.0
│ │ │ │ │ ├── boogie-backend-exp 0.1.0
│ │ │ │ │ │ └── move-prover 0.1.0
│ │ │ │ │ └── boogie-backend 0.1.0
│ │ │ │ │ ├── move-prover 0.1.0
│ │ │ │ │ └── boogie-backend-exp 0.1.0
│ │ │ │ ├── boogie-backend-exp 0.1.0
│ │ │ │ ├── boogie-backend 0.1.0
│ │ │ │ └── abigen 0.1.0
│ │ │ │ ├── move-prover 0.1.0
│ │ │ │ └── diem-framework 0.1.0
│ │ │ ├── move-lang-ir-utils 0.1.0
│ │ │ ├── move-lang-functional-tests 0.1.0
│ │ │ ├── move-cli 0.1.0
│ │ │ ├── language-benchmarks 0.1.0
│ │ │ ├── diem-writeset-generator 0.1.0
│ │ │ ├── diem-transaction-replay 0.1.0
│ │ │ └── diem-framework 0.1.0
│ │ ├── language-benchmarks 0.1.0
│ │ └── diem-framework 0.1.0
│ ├── errmapgen 0.1.0
│ ├── docgen 0.1.0
│ ├── diem-framework 0.1.0
│ └── abigen 0.1.0
├── move-model 0.1.0
├── move-lang-test-utils 0.1.0
│ ├── move-lang-ir-utils 0.1.0
│ └── move-lang 0.0.1
├── move-lang-functional-tests 0.1.0
├── move-lang 0.0.1
├── move-cli 0.1.0
├── ir-testsuite 0.1.0
├── functional-tests 0.1.0
├── errmapgen 0.1.0
├── docgen 0.1.0
├── diem-fuzzer 0.1.0
├── diem-framework 0.1.0
├── bytecode 0.1.0
└── abigen 0.1.0
Crate: password-hash
Version: 0.1.1
Warning: yanked
Dependency tree:
password-hash 0.1.1
└── pbkdf2 0.7.3
└── diem-wallet 0.1.0
└── cli 0.1.0
└── smoke-test 0.1.0
warning: 3 allowed warnings found
Found container vulnerability in job https://github.com/sausagee/libra/actions/runs/811814807
diem/validator:devnet (debian 10.9)
===================================
Total: 101 (UNKNOWN: 0, LOW: 69, MEDIUM: 10, HIGH: 20, CRITICAL: 2)
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| apt | CVE-2011-3374 | LOW | 1.8.2.2 | | It was found that apt-key in apt, |
| | | | | | all versions, do not correctly... |
| | | | | | -->avd.aquasec.com/nvd/cve-2011-3374 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| bash | CVE-2019-18276 | | 5.0-4 | | bash: when effective UID is not |
| | | | | | equal to its real UID the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-18276 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | TEMP-0841856-B18BAF | | | | -->security-tracker.debian.org/tracker/TEMP-0841856-B18BAF |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| coreutils | CVE-2016-2781 | | 8.30-3 | | coreutils: Non-privileged |
| | | | | | session can escape to the |
| | | | | | parent session in chroot |
| | | | | | -->avd.aquasec.com/nvd/cve-2016-2781 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2017-18018 | | | | coreutils: race condition |
| | | | | | vulnerability in chown and chgrp |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-18018 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| gcc-8-base | CVE-2018-12886 | HIGH | 8.3.0-6 | | gcc: spilling of stack |
| | | | | | protection address in cfgexpand.c |
| | | | | | and function.c leads to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-12886 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-15847 | | | | gcc: POWER9 "DARN" RNG intrinsic |
| | | | | | produces repeated output |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-15847 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| gpgv | CVE-2019-14855 | LOW | 2.2.12-1+deb10u1 | | gnupg2: OpenPGP Key Certification |
| | | | | | Forgeries with SHA-1 |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-14855 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| iproute2 | CVE-2019-20795 | MEDIUM | 4.20.0-2+deb10u1 | | iproute: use-after-free in |
| | | | | | get_netnsid_from_name in ip/ipnetns.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-20795 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libapt-pkg5.0 | CVE-2011-3374 | LOW | 1.8.2.2 | | It was found that apt-key in apt, |
| | | | | | all versions, do not correctly... |
| | | | | | -->avd.aquasec.com/nvd/cve-2011-3374 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libc-bin | CVE-2020-1751 | HIGH | 2.28-10 | | glibc: array overflow in |
| | | | | | backtrace functions for powerpc |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-1751 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-1752 | | | | glibc: use-after-free in glob() |
| | | | | | function when expanding ~user |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-1752 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2021-3326 | | | | glibc: Assertion failure in |
| | | | | | ISO-2022-JP-3 gconv module |
| | | | | | related to combining characters |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-3326 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2019-25013 | MEDIUM | | | glibc: buffer over-read in |
| | | | | | iconv when processing invalid |
| | | | | | multi-byte input sequences in... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-25013 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-10029 | | | | glibc: stack corruption |
| | | | | | from crafted input in cosl, |
| | | | | | sinl, sincosl, and tanl... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-10029 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-27618 | | | | glibc: iconv when processing |
| | | | | | invalid multi-byte input |
| | | | | | sequences fails to advance the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-27618 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2010-4051 | LOW | | | CVE-2010-4052 glibc: De-recursivise |
| | | | | | regular expression engine |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4051 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2010-4052 | | | | CVE-2010-4051 CVE-2010-4052 |
| | | | | | glibc: De-recursivise |
| | | | | | regular expression engine |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4052 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2010-4756 | | | | glibc: glob implementation |
| | | | | | can cause excessive CPU and |
| | | | | | memory consumption due to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2016-10228 | | | | glibc: iconv program can hang |
| | | | | | when invoked with the -c option |
| | | | | | -->avd.aquasec.com/nvd/cve-2016-10228 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in |
| | | | | | function check_dst_limits_calc_pos_1 |
| | | | | | in posix/regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF |
| | | | | | leads to code execution because of... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-1010024 | | | | glibc: ASLR bypass using |
| | | | | | cache of thread stack and heap |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-1010025 | | | | glibc: information disclosure of heap |
| | | | | | addresses of pthread_created thread |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-19126 | | | | glibc: LD_PREFER_MAP_32BIT_EXEC |
| | | | | | not ignored in setuid binaries |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19126 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in |
| | | | | | function check_dst_limits_calc_pos_1 |
| | | | | | in posix/regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-6096 | | | | glibc: signed comparison |
| | | | | | vulnerability in the |
| | | | | | ARMv7 memcpy function |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-6096 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2021-27645 | | | | glibc: Use-after-free in |
| | | | | | addgetnetgrentX function |
| | | | | | in netgroupcache.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-27645 |
+----------------+---------------------+----------+ +---------------+------------------------------------------------------------+
| libc6 | CVE-2020-1751 | HIGH | | | glibc: array overflow in |
| | | | | | backtrace functions for powerpc |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-1751 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-1752 | | | | glibc: use-after-free in glob() |
| | | | | | function when expanding ~user |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-1752 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2021-3326 | | | | glibc: Assertion failure in |
| | | | | | ISO-2022-JP-3 gconv module |
| | | | | | related to combining characters |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-3326 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2019-25013 | MEDIUM | | | glibc: buffer over-read in |
| | | | | | iconv when processing invalid |
| | | | | | multi-byte input sequences in... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-25013 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-10029 | | | | glibc: stack corruption |
| | | | | | from crafted input in cosl, |
| | | | | | sinl, sincosl, and tanl... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-10029 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-27618 | | | | glibc: iconv when processing |
| | | | | | invalid multi-byte input |
| | | | | | sequences fails to advance the... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-27618 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2010-4051 | LOW | | | CVE-2010-4052 glibc: De-recursivise |
| | | | | | regular expression engine |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4051 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2010-4052 | | | | CVE-2010-4051 CVE-2010-4052 |
| | | | | | glibc: De-recursivise |
| | | | | | regular expression engine |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4052 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2010-4756 | | | | glibc: glob implementation |
| | | | | | can cause excessive CPU and |
| | | | | | memory consumption due to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-4756 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2016-10228 | | | | glibc: iconv program can hang |
| | | | | | when invoked with the -c option |
| | | | | | -->avd.aquasec.com/nvd/cve-2016-10228 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2018-20796 | | | | glibc: uncontrolled recursion in |
| | | | | | function check_dst_limits_calc_pos_1 |
| | | | | | in posix/regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-20796 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-1010022 | | | | glibc: stack guard protection bypass |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010022 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-1010023 | | | | glibc: running ldd on malicious ELF |
| | | | | | leads to code execution because of... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010023 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-1010024 | | | | glibc: ASLR bypass using |
| | | | | | cache of thread stack and heap |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010024 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-1010025 | | | | glibc: information disclosure of heap |
| | | | | | addresses of pthread_created thread |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-1010025 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-19126 | | | | glibc: LD_PREFER_MAP_32BIT_EXEC |
| | | | | | not ignored in setuid binaries |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19126 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-9192 | | | | glibc: uncontrolled recursion in |
| | | | | | function check_dst_limits_calc_pos_1 |
| | | | | | in posix/regexec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9192 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-6096 | | | | glibc: signed comparison |
| | | | | | vulnerability in the |
| | | | | | ARMv7 memcpy function |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-6096 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2021-27645 | | | | glibc: Use-after-free in |
| | | | | | addgetnetgrentX function |
| | | | | | in netgroupcache.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-27645 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libgcc1 | CVE-2018-12886 | HIGH | 8.3.0-6 | | gcc: spilling of stack |
| | | | | | protection address in cfgexpand.c |
| | | | | | and function.c leads to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-12886 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-15847 | | | | gcc: POWER9 "DARN" RNG intrinsic |
| | | | | | produces repeated output |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-15847 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libgcrypt20 | CVE-2019-13627 | MEDIUM | 1.8.4-5 | | libgcrypt: ECDSA timing attack |
| | | | | | allowing private key leak |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-13627 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2018-6829 | LOW | | | libgcrypt: ElGamal implementation |
| | | | | | doesn't have semantic security due |
| | | | | | to incorrectly encoded plaintexts... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-6829 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libgnutls30 | CVE-2021-20231 | CRITICAL | 3.6.7-4+deb10u6 | | gnutls: Use after free in |
| | | | | | client key_share extension |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-20231 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2021-20232 | | | | gnutls: Use after free |
| | | | | | in client_send_params in |
| | | | | | lib/ext/pre_shared_key.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-20232 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2020-24659 | HIGH | | | gnutls: Heap buffer |
| | | | | | overflow in handshake with |
| | | | | | no_renegotiation alert sent |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-24659 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2011-3389 | LOW | | | HTTPS: block-wise chosen-plaintext |
| | | | | | attack against SSL/TLS (BEAST) |
| | | | | | -->avd.aquasec.com/nvd/cve-2011-3389 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libhogweed4 | CVE-2021-20305 | HIGH | 3.4.1-1 | | nettle: Out of bounds memory |
| | | | | | access in signature verification |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-20305 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| libidn2-0 | CVE-2019-12290 | | 2.0.5-1+deb10u1 | | GNU libidn2 before 2.2.0 |
| | | | | | fails to perform the roundtrip |
| | | | | | checks specified in... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-12290 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| liblz4-1 | CVE-2021-3520 | MEDIUM | 1.8.3-1 | | lz4: memory corruption |
| | | | | | due to an integer overflow |
| | | | | | bug caused by memmove... |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-3520 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2019-17543 | LOW | | | lz4: heap-based buffer |
| | | | | | overflow in LZ4_write32 |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-17543 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libnettle6 | CVE-2021-20305 | HIGH | 3.4.1-1 | | nettle: Out of bounds memory |
| | | | | | access in signature verification |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-20305 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libpcre3 | CVE-2020-14155 | MEDIUM | 2:8.39-12 | | pcre: integer overflow in libpcre |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-14155 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2017-11164 | LOW | | | pcre: OP_KETRMAX feature in the |
| | | | | | match function in pcre_exec.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-11164 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2017-16231 | | | | pcre: self-recursive call |
| | | | | | in match() in pcre_exec.c |
| | | | | | leads to denial of service... |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-16231 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2017-7245 | | | | pcre: stack-based buffer overflow |
| | | | | | write in pcre32_copy_substring |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-7245 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2017-7246 | | | | pcre: stack-based buffer overflow |
| | | | | | write in pcre32_copy_substring |
| | | | | | -->avd.aquasec.com/nvd/cve-2017-7246 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-20838 | | | | pcre: buffer over-read in |
| | | | | | JIT when UTF is disabled |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-20838 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| libseccomp2 | CVE-2019-9893 | | 2.3.3-4 | | libseccomp: incorrect generation |
| | | | | | of syscall filters in libseccomp |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9893 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| libssl1.1 | CVE-2007-6755 | | 1.1.1d-0+deb10u6 | | Dual_EC_DRBG: weak pseudo |
| | | | | | random number generator |
| | | | | | -->avd.aquasec.com/nvd/cve-2007-6755 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2010-0928 | | | | openssl: RSA authentication weakness |
| | | | | | -->avd.aquasec.com/nvd/cve-2010-0928 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libstdc++6 | CVE-2018-12886 | HIGH | 8.3.0-6 | | gcc: spilling of stack |
| | | | | | protection address in cfgexpand.c |
| | | | | | and function.c leads to... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-12886 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-15847 | | | | gcc: POWER9 "DARN" RNG intrinsic |
| | | | | | produces repeated output |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-15847 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| libsystemd0 | CVE-2019-3843 | | 241-7~deb10u7 | | systemd: services with DynamicUser |
| | | | | | can create SUID/SGID binaries |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-3843 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-3844 | | | | systemd: services with DynamicUser |
| | | | | | can get new privileges and |
| | | | | | create SGID binaries... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-3844 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2013-4392 | LOW | | | systemd: TOCTOU race condition |
| | | | | | when updating file permissions |
| | | | | | and SELinux security contexts... |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-4392 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-20386 | | | | systemd: memory leak in button_open() |
| | | | | | in login/logind-button.c when |
| | | | | | udev events are received... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-20386 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-13776 | | | | systemd: Mishandles numerical |
| | | | | | usernames beginning with decimal |
| | | | | | digits or 0x followed by... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-13776 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| libtasn1-6 | CVE-2018-1000654 | | 4.13-3 | | libtasn1: Infinite loop in |
| | | | | | _asn1_expand_object_id(ptree) |
| | | | | | leads to memory exhaustion |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-1000654 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
| libudev1 | CVE-2019-3843 | HIGH | 241-7~deb10u7 | | systemd: services with DynamicUser |
| | | | | | can create SUID/SGID binaries |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-3843 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-3844 | | | | systemd: services with DynamicUser |
| | | | | | can get new privileges and |
| | | | | | create SGID binaries... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-3844 |
+ +---------------------+----------+ +---------------+------------------------------------------------------------+
| | CVE-2013-4392 | LOW | | | systemd: TOCTOU race condition |
| | | | | | when updating file permissions |
| | | | | | and SELinux security contexts... |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-4392 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-20386 | | | | systemd: memory leak in button_open() |
| | | | | | in login/logind-button.c when |
| | | | | | udev events are received... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-20386 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2020-13776 | | | | systemd: Mishandles numerical |
| | | | | | usernames beginning with decimal |
| | | | | | digits or 0x followed by... |
| | | | | | -->avd.aquasec.com/nvd/cve-2020-13776 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| libxtables12 | CVE-2012-2663 | | 1.8.2-4 | | iptables: --syn flag bypass |
| | | | | | -->avd.aquasec.com/nvd/cve-2012-2663 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-11360 | | | | iptables: buffer overflow |
| | | | | | in iptables-restore |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-11360 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| login | CVE-2007-5686 | | 1:4.5-1.1 | | initscripts in rPath Linux 1 |
| | | | | | sets insecure permissions for |
| | | | | | the /var/log/btmp file,... |
| | | | | | -->avd.aquasec.com/nvd/cve-2007-5686 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2013-4235 | | | | shadow-utils: TOCTOU race |
| | | | | | conditions by copying and |
| | | | | | removing directory trees |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-4235 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2018-7169 | | | | shadow-utils: newgidmap |
| | | | | | allows unprivileged user to |
| | | | | | drop supplementary groups |
| | | | | | potentially allowing privilege... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-7169 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-19882 | | | | shadow-utils: local users can |
| | | | | | obtain root access because setuid |
| | | | | | programs are misconfigured... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19882 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | TEMP-0628843-DBAD28 | | | | -->security-tracker.debian.org/tracker/TEMP-0628843-DBAD28 |
+----------------+---------------------+ + +---------------+------------------------------------------------------------+
| passwd | CVE-2007-5686 | | | | initscripts in rPath Linux 1 |
| | | | | | sets insecure permissions for |
| | | | | | the /var/log/btmp file,... |
| | | | | | -->avd.aquasec.com/nvd/cve-2007-5686 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2013-4235 | | | | shadow-utils: TOCTOU race |
| | | | | | conditions by copying and |
| | | | | | removing directory trees |
| | | | | | -->avd.aquasec.com/nvd/cve-2013-4235 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2018-7169 | | | | shadow-utils: newgidmap |
| | | | | | allows unprivileged user to |
| | | | | | drop supplementary groups |
| | | | | | potentially allowing privilege... |
| | | | | | -->avd.aquasec.com/nvd/cve-2018-7169 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-19882 | | | | shadow-utils: local users can |
| | | | | | obtain root access because setuid |
| | | | | | programs are misconfigured... |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-19882 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | TEMP-0628843-DBAD28 | | | | -->security-tracker.debian.org/tracker/TEMP-0628843-DBAD28 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| perl-base | CVE-2011-4116 | | 5.28.1-6+deb10u1 | | perl: File::Temp insecure |
| | | | | | temporary file handling |
| | | | | | -->avd.aquasec.com/nvd/cve-2011-4116 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| sysvinit-utils | TEMP-0517018-A83CE6 | | 2.93-8 | | -->security-tracker.debian.org/tracker/TEMP-0517018-A83CE6 |
+----------------+---------------------+ +-------------------+---------------+------------------------------------------------------------+
| tar | CVE-2005-2541 | | 1.30+dfsg-6 | | Tar 1.15.1 does not |
| | | | | | properly warn the user when |
| | | | | | extracting setuid or... |
| | | | | | -->avd.aquasec.com/nvd/cve-2005-2541 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2019-9923 | | | | tar: null-pointer dereference |
| | | | | | in pax_decode_header in sparse.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2019-9923 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | CVE-2021-20193 | | | | tar: Memory leak in |
| | | | | | read_header() in list.c |
| | | | | | -->avd.aquasec.com/nvd/cve-2021-20193 |
+ +---------------------+ + +---------------+------------------------------------------------------------+
| | TEMP-0290435-0B57B5 | | | | -->security-tracker.debian.org/tracker/TEMP-0290435-0B57B5 |
+----------------+---------------------+----------+-------------------+---------------+------------------------------------------------------------+
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.