advisory-db icon indicating copy to clipboard operation
advisory-db copied to clipboard
verified publisher icon rustsec

Import missing advisories from GitHub advisories

Open amousset opened this issue 2 years ago • 1 comments

Currently 92 missing advisories:

  • [ ] 2021-09-01: https://github.com/advisories/GHSA-hw4v-5x4h-c3xm for ["frontier"]
  • [ ] 2021-09-20: https://github.com/advisories/GHSA-mc22-5q92-8v85 for ["tremor-script"]
  • [ ] 2021-09-23: https://github.com/advisories/GHSA-xpwj-7v8q-mcgj for ["deno"]
  • [ ] 2021-10-12: https://github.com/advisories/GHSA-3r3g-g73x-g593 for ["coreos-installer"]
  • [ ] 2021-10-13: https://github.com/advisories/GHSA-vj62-g63v-f8mf for ["frontier"]
  • [ ] 2021-10-19: https://github.com/advisories/GHSA-pvh2-pj76-4m96 for ["evm"]
  • [ ] 2021-10-19: https://github.com/advisories/GHSA-x3r5-q6mj-m485 for ["tough"]
  • [ ] 2021-10-19: https://github.com/advisories/GHSA-r56q-vv3c-6g9c for ["tough"]
  • [ ] 2021-11-03: https://github.com/advisories/GHSA-v935-pqmr-g8v9 for ["num-bigint"]
  • [ ] 2021-11-08: https://github.com/advisories/GHSA-862g-9h5m-m3qv for ["coreos-installer"]
  • [ ] 2021-11-11: https://github.com/advisories/GHSA-6mv9-qcx2-3hh3 for ["routinator"]
  • [ ] 2021-11-30: https://github.com/advisories/GHSA-hf79-8hjp-rrvq for ["lucet-runtime"]
  • [ ] 2021-12-15: https://github.com/advisories/GHSA-gjrj-9rj4-pgwx for ["perseus-actix-web"]
  • [ ] 2022-01-14: https://github.com/advisories/GHSA-cjg2-2fjg-fph4 for ["frontier"]
  • [ ] 2022-01-28: https://github.com/advisories/GHSA-gm68-g349-gxgg for ["bingrep"]
  • [ ] 2022-01-28: https://github.com/advisories/GHSA-xwqr-xmgg-j69q for ["solana_rbpf"]
  • [ ] 2022-02-11: https://github.com/advisories/GHSA-45w3-v3g4-54pm for ["parsec-service"]
  • [ ] 2022-02-15: https://github.com/advisories/GHSA-9p8q-j6q5-mjw8 for ["galois_2p8"]
  • [ ] 2022-02-16: https://github.com/advisories/GHSA-88xq-w8cq-xfg7 for ["wasmtime"]
  • [ ] 2022-03-29: https://github.com/advisories/GHSA-838h-jqp6-cf2f for ["deno"]
  • [ ] 2022-03-31: https://github.com/advisories/GHSA-8m49-2xj8-67v9 for ["Simple-Wayland-HotKey-Daemon"]
  • [ ] 2022-03-31: https://github.com/advisories/GHSA-p4jg-pccf-h82c for ["Simple-Wayland-HotKey-Daemon"]
  • [ ] 2022-04-08: https://github.com/advisories/GHSA-r3r5-jhw6-4634 for ["Simple-Wayland-HotKey-Daemon"]
  • [ ] 2022-04-08: https://github.com/advisories/GHSA-h6xw-mghq-7523 for ["Simple-Wayland-HotKey-Daemon"]
  • [ ] 2022-04-15: https://github.com/advisories/GHSA-x446-3xhq-5xfp for ["Simple-Wayland-HotKey-Daemon"]
  • [ ] 2022-04-15: https://github.com/advisories/GHSA-h5wh-7h2j-h999 for ["Simple-Wayland-HotKey-Daemon"]
  • [ ] 2022-04-22: https://github.com/advisories/GHSA-3227-r97m-8j95 for ["afire"]
  • [ ] 2022-04-22: https://github.com/advisories/GHSA-j35p-q24r-5367 for ["ckb"]
  • [ ] 2022-05-10: https://github.com/advisories/GHSA-9qmm-4mfr-r3wj for ["solana_rbpf"]
  • [ ] 2022-05-22: https://github.com/advisories/GHSA-ffx3-8qvm-pq3j for ["solana_rbpf"]
  • [ ] 2022-05-24: https://github.com/advisories/GHSA-4rjr-3gj2-5crq for ["mongodb"]
  • [ ] 2022-06-13: https://github.com/advisories/GHSA-67hm-27mx-9cg7 for ["deno"]
  • [ ] 2022-06-17: https://github.com/advisories/GHSA-75rw-34q6-72cr for ["biscuit-auth"]
  • [ ] 2022-06-17: https://github.com/advisories/GHSA-w3vw-ccc5-qr8v for ["tss-esapi"]
  • [ ] 2022-06-29: https://github.com/advisories/GHSA-jqwc-c49r-4w2x for ["cranelift-codegen", "wasmtime"]
  • [ ] 2022-06-29: https://github.com/advisories/GHSA-jqwc-c49r-4w2x for ["cranelift-codegen", "wasmtime"]
  • [ ] 2022-07-20: https://github.com/advisories/GHSA-5fhj-g3p3-pq9g for ["cranelift-codegen", "wasmtime"]
  • [ ] 2022-07-20: https://github.com/advisories/GHSA-5fhj-g3p3-pq9g for ["cranelift-codegen", "wasmtime"]
  • [ ] 2022-07-21: https://github.com/advisories/GHSA-7f6x-jwh5-m9r4 for ["cranelift-codegen", "wasmtime"]
  • [ ] 2022-07-21: https://github.com/advisories/GHSA-7f6x-jwh5-m9r4 for ["cranelift-codegen", "wasmtime"]
  • [ ] 2022-08-10: https://github.com/advisories/GHSA-wcm8-86x6-8mv3 for ["apache-avro"]
  • [ ] 2022-08-10: https://github.com/advisories/GHSA-3w5g-989p-35r8 for ["apache-avro"]
  • [ ] 2022-08-10: https://github.com/advisories/GHSA-v456-chpw-6mmw for ["apache-avro"]
  • [ ] 2022-08-18: https://github.com/advisories/GHSA-mjvm-mhgc-q4gp for ["frontier"]
  • [ ] 2022-08-24: https://github.com/advisories/GHSA-8mx2-gqx9-rm7f for ["opcua"]
  • [ ] 2022-08-25: https://github.com/advisories/GHSA-hgxq-hcrm-c5pm for ["opcua"]
  • [ ] 2022-09-14: https://github.com/advisories/GHSA-m4vx-ccrf-w399 for ["routinator"]
  • [ ] 2022-09-16: https://github.com/advisories/GHSA-2hvr-h6gw-qrxp for ["cargo"]
  • [ ] 2022-09-16: https://github.com/advisories/GHSA-rfj2-q3h3-hm5j for ["cargo"]
  • [ ] 2022-09-21: https://github.com/advisories/GHSA-crf8-h2wq-2h9x for ["wasm3"]
  • [ ] 2022-09-23: https://github.com/advisories/GHSA-v57h-6hmh-g2p4 for ["frontier"]
  • [ ] 2022-11-02: https://github.com/advisories/GHSA-9mfc-chwf-7whf for ["ckb"]
  • [ ] 2022-11-02: https://github.com/advisories/GHSA-7fw6-6mfj-g3q2 for ["ckb"]
  • [ ] 2022-11-02: https://github.com/advisories/GHSA-mcmr-49x3-4jqm for ["ckb"]
  • [ ] 2022-12-12: https://github.com/advisories/GHSA-8r76-fr72-j32w for ["mpl-bubblegum", "mpl-token-metadata"]
  • [ ] 2022-12-12: https://github.com/advisories/GHSA-8r76-fr72-j32w for ["mpl-bubblegum", "mpl-token-metadata"]
  • [ ] 2022-12-12: https://github.com/advisories/GHSA-9v25-r5q2-2p6w for ["mpl-candy-machine"]
  • [ ] 2022-12-12: https://github.com/advisories/GHSA-52h2-m2cf-9jh6 for ["linux-loader"]
  • [ ] 2022-12-13: https://github.com/advisories/GHSA-vr8j-hgmm-jh9r for ["openssl-src"]
  • [ ] 2022-12-14: https://github.com/advisories/GHSA-xqqc-c5gw-c5r5 for ["tendermint-light-client", "tendermint-light-client-js", "tendermint-light-client-verifier"]
  • [ ] 2022-12-14: https://github.com/advisories/GHSA-xqqc-c5gw-c5r5 for ["tendermint-light-client", "tendermint-light-client-js", "tendermint-light-client-verifier"]
  • [ ] 2022-12-14: https://github.com/advisories/GHSA-xqqc-c5gw-c5r5 for ["tendermint-light-client", "tendermint-light-client-js", "tendermint-light-client-verifier"]
  • [ ] 2022-12-22: https://github.com/advisories/GHSA-6mv3-wm7j-h4w5 for ["tauri"]
  • [ ] 2023-01-10: https://github.com/advisories/GHSA-r5w3-xm58-jv6j for ["cargo"]
  • [ ] 2023-01-13: https://github.com/advisories/GHSA-m589-mv4q-p7rj for ["webbrowser"]
  • [ ] 2023-01-20: https://github.com/advisories/GHSA-mc52-jpm2-cqh6 for ["deno"]
  • [ ] 2023-02-08: https://github.com/advisories/GHSA-fjj4-2q73-jvgc for ["ckb"]
  • [ ] 2023-02-08: https://github.com/advisories/GHSA-p2gm-ffr3-w2xw for ["ckb"]
  • [ ] 2023-03-09: https://github.com/advisories/GHSA-xm67-587q-r2vw for ["cranelift-codegen", "wasmtime"]
  • [ ] 2023-03-09: https://github.com/advisories/GHSA-xm67-587q-r2vw for ["cranelift-codegen", "wasmtime"]
  • [ ] 2023-03-09: https://github.com/advisories/GHSA-ff4p-7xrq-q5r8 for ["cranelift-codegen", "wasmtime"]
  • [ ] 2023-03-09: https://github.com/advisories/GHSA-ff4p-7xrq-q5r8 for ["cranelift-codegen", "wasmtime"]
  • [ ] 2023-03-17: https://github.com/advisories/GHSA-cqvm-j2r2-hwpg for ["russh"]
  • [ ] 2023-03-21: https://github.com/advisories/GHSA-fcmm-54jp-7vf6 for ["frontier"]
  • [ ] 2023-03-23: https://github.com/advisories/GHSA-c25x-cm9x-qqgx for ["Deno", "deno_runtime", "serde_v8"]
  • [ ] 2023-03-23: https://github.com/advisories/GHSA-c25x-cm9x-qqgx for ["Deno", "deno_runtime", "serde_v8"]
  • [ ] 2023-03-23: https://github.com/advisories/GHSA-c25x-cm9x-qqgx for ["Deno", "deno_runtime", "serde_v8"]
  • [ ] 2023-03-24: https://github.com/advisories/GHSA-vq67-rp93-65qf for ["deno", "deno_runtime"]
  • [ ] 2023-03-24: https://github.com/advisories/GHSA-vq67-rp93-65qf for ["deno", "deno_runtime"]
  • [ ] 2023-03-28: https://github.com/advisories/GHSA-8hqf-xjwp-p67v for ["comrak"]
  • [ ] 2023-03-28: https://github.com/advisories/GHSA-xxmq-4vph-956w for ["comrak"]
  • [ ] 2023-03-28: https://github.com/advisories/GHSA-5r3x-p7xx-x6q5 for ["comrak"]
  • [ ] 2023-04-03: https://github.com/advisories/GHSA-jc97-h3h9-7xh6 for ["deno"]
  • [ ] 2023-04-26: https://github.com/advisories/GHSA-mjv9-vp6w-3rc9 for ["aws-sigv4"]
  • [ ] 2023-04-27: https://github.com/advisories/GHSA-ch89-5g45-qwc7 for ["wasmtime"]
  • [ ] 2023-05-03: https://github.com/advisories/GHSA-4wm2-cwcf-wwvp for ["tauri"]
  • [ ] 2023-05-04: https://github.com/advisories/GHSA-mphm-gqh9-q59x for ["microbin"]
  • [ ] 2023-05-25: https://github.com/advisories/GHSA-qwhm-h7v3-mrjx for ["ntpd"]
  • [ ] 2023-05-30: https://github.com/advisories/GHSA-x7fr-pg8f-93f5 for ["sccache"]
  • [ ] 2023-05-31: https://github.com/advisories/GHSA-vc52-gwm3-8v2f for ["deno", "deno_runtime"]
  • [ ] 2023-05-31: https://github.com/advisories/GHSA-vc52-gwm3-8v2f for ["deno", "deno_runtime"]
  • [ ] 2023-06-05: https://github.com/advisories/GHSA-7gf7-jv65-wjmh for ["xml-rs"]

using https://github.com/rustsec/rustsec/pull/656. BTW it also shows problems in crates names used in some GitHub advisories:

Crate names ["bottlerocket/update-operator"] in GHSA-j79x-vvgm-w73w advisory not matching existing advisory RUSTSEC-2023-0009, skipping
Crate names ["bottlerocket/update-operator"] in GHSA-j859-pmrq-9q6c advisory not matching existing advisory RUSTSEC-2023-0007, skipping
Crate names ["Tauri"] in GHSA-q9wv-22m9-vhqh advisory not matching existing advisory RUSTSEC-2022-0091, skipping
Crate names ["bottlerocket/update-operator"] in GHSA-3wxx-jxwc-mg39 advisory not matching existing advisory RUSTSEC-2023-0010, skipping
Unknown crate bottlerocket/update-operator in GHSA-pj34-fpw3-83qj advisory, skipping
Crate names ["mdBook"] in GHSA-gx5w-rrhp-f436 advisory not matching existing advisory RUSTSEC-2021-0001, skipping
Crate names ["compu-brotli-sys"] in GHSA-5v8v-66v8-mwm7 advisory not matching existing advisory RUSTSEC-2021-0131, skipping
Unknown crate bottlerocket/update-operator in GHSA-qf87-q4gg-cg43 advisory, skipping

amousset avatar Jun 13 '23 20:06 amousset

I'll treat them by descending chronological order.

amousset avatar Jun 13 '23 20:06 amousset