Labels

• advisory

  security advisory PRs
• authentication bypass

  MitM attacks or other identity confusion issues
• Blocker-Tooling

  Blocker-Tooling
• crypto

  Crypto lib notice
• cryptographic failure

  breakage in cryptographic confidentiality or authenticity
• denial of service

  attacker can crash/prevent access to service
• dependencies

  Pull requests that update a dependency file
• directory traversal

  unintentional filesystem access or remote file disclosure
• Documentation

  Documentation improvements
• duplicate

  advisory is a duplicate
• enhancement

  improvements to advisory-db
• Feedback

  Needs more feedback
• format injection

  e.g. shell escaping, SQL injection, XSS
• Futures

  (Monitor) There is a resolution but this may change
• Good-First

  Good first issue
• help wanted

  please help out!
• invalid

  invalid security advisory
• memory corruption

  attacker can modify memory
• memory exposure

  memory unintentionally exposed to attacker
• privilege escalation

  Authorization or other access control bypass
• Propose-Close

  Propose-Close
• Propose-Merge

  Propose-Merge
• question

  questions about advisories or advisory-db
• remote code execution

  attacker can execute arbitrary code
• thread safety

  Data races or other thread safety errors
• Unmaintained

  Informational / Unmaintained
• Unsound

  Informational / Unsound
• Untracked

  Crate cannot be tracked
• Waiting-Author

  Waiting on Author
• Waiting-Maintainer

  Waiting-Maintainer