GHSA-28r9-pq4c-wp3c: personnummer/rust vulnerable to Improper Input Validation
This vulnerability was reported to the personnummer team in June 2020. The slow response was due to locked ownership of some of the affected packages, which caused delays to update packages prior to disclosure.
The vulnerability is determined to be low severity.
References
- crates.io/crates/personnummer
- github.com/advisories/GHSA-28r9-pq4c-wp3c
- github.com/personnummer/rust
- github.com/personnummer/rust/commit/11c3b0491b70449fb790056585ad3251b0e23acb
- github.com/personnummer/rust/pull/4
- github.com/personnummer/rust/releases/tag/v3.0.1
- github.com/personnummer/rust/security/advisories/GHSA-28r9-pq4c-wp3c
- rustsec.org/advisories/RUSTSEC-2020-0166.html
Detect and mitigate GHSA-28r9-pq4c-wp3c with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →