Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

15 advisories

Loading
hickory-proto: NSEC3 closest-encloser proof validation enters unbounded loop on cross-zone responses High
GHSA-3v94-mw7p-v465 was published for hickory-net (Rust) May 7, 2026
netavark has incorrect error handling for malformed tcp packets High
CVE-2026-35406 was published for netavark (Rust) Apr 7, 2026
dkane01 Credited to dkane01
quiche connection ID retirement can trigger an infinite loop High
CVE-2025-7054 was published for quiche (Rust) Aug 7, 2025
catenacyber Credited to catenacyber
Duplicate Advisory: Low severity (DoS) vulnerability in sequoia-openpgp Low
GHSA-g97w-mw7g-v3jv was published for sequoia-openpgp (Rust) Jul 27, 2025 withdrawn
SurrealDB CPU exhaustion via custom functions result in total DoS High
GHSA-pxw4-94j3-v9pf was published for surrealdb (Rust) Apr 11, 2025
cure53 Credited to cure53
Low severity (DoS) vulnerability in sequoia-openpgp Low
CVE-2024-58261 was published for sequoia-openpgp (Rust) Jun 26, 2024
Denial of Service Vulnerability in Rustls Library High
CVE-2024-32650 was published for rustls (Rust) Apr 19, 2024
Taowyoo Credited to Taowyoo, arai-fortanix, jjfiv, and s-arash arai-fortanix arai-fortanix
jjfiv jjfiv s-arash s-arash
Candid infinite decoding loop through specially crafted payload High
CVE-2023-6245 was published for candid (Rust) Dec 8, 2023
venkkatesh-sekar Credited to venkkatesh-sekar and chenyan-dfinity chenyan-dfinity chenyan-dfinity
linux-loader reading beyond EOF could lead to infinite loop Low
CVE-2022-23523 was published for linux-loader (Rust) Dec 12, 2022
likebreath Credited to likebreath
kamadak-exif vulnerable to Infinite loop when parsing PNG files Moderate
CVE-2021-21235 was published for kamadak-exif (Rust) Oct 6, 2022
Apache Avro Rust SDK vulnerable to reader looping in cycle endlessly, consuming CPU High
CVE-2022-35724 was published for apache-avro (Rust) Aug 10, 2022
Routinator infinite loop vulnerability High
CVE-2021-43172 was published for routinator (Rust) May 24, 2022
openssl-src's infinite loop in `BN_mod_sqrt()` reachable when parsing certificates High
CVE-2022-0778 was published for openssl-src (Rust) Mar 16, 2022
rajivshah3 Credited to rajivshah3 and michaelkedar michaelkedar michaelkedar
Invalid handling of `X509_verify_cert()` internal errors in libssl High
CVE-2021-4044 was published for openssl-src (Rust) Dec 15, 2021
pinkforest Credited to pinkforest
Integer Overflow/Infinite Loop in the http crate High
CVE-2020-25574 was published for http (Rust) Aug 25, 2021
ProTip! Advisories are also available from the GraphQL API