You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We are currently ignoring the following advisories. Before mainnet, we need to either resolve or verify that we are ok with the risk for each advisory listed here:
RUSTSEC-2023-0071 — rsa: Marvin Attack — non-constant-time implementation leaks private key info via timing sidechannels observable over the network.
RUSTSEC-2024-0388 — derivative: Crate is unmaintained (since 2021); consider alternatives like derive_more or derive-where.
RUSTSEC-2024-0436 — paste: Crate is unmaintained and archived by its creator; pastey is a recommended drop-in replacement.
RUSTSEC-2025-0055 — tracing-subscriber: ANSI escape sequence injection via untrusted user input in logs; fixed in ≥0.3.20.
RUSTSEC-2025-0141 — bincode: Crate is permanently unmaintained due to a doxxing/harassment incident; alternatives include postcard, bitcode, and rkyv.
We are currently ignoring the following advisories. Before mainnet, we need to either resolve or verify that we are ok with the risk for each advisory listed here:
rsa: Marvin Attack — non-constant-time implementation leaks private key info via timing sidechannels observable over the network.derivative: Crate is unmaintained (since 2021); consider alternatives likederive_moreorderive-where.paste: Crate is unmaintained and archived by its creator;pasteyis a recommended drop-in replacement.tracing-subscriber: ANSI escape sequence injection via untrusted user input in logs; fixed in ≥0.3.20.bincode: Crate is permanently unmaintained due to a doxxing/harassment incident; alternatives includepostcard,bitcode, andrkyv.