You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I opened an issue with their repository where such data problems should be reported, but until now have not heard back in any way: OSSIndex/vulns#314
I wanted to let you know of this problem, which of course is not your fault in any way.
(Depending on Sonatype does things, it could be that it would go away with a 15.1.1 being release, but I can not guarantee that either - maybe they need to manually add the "max" version for a vuln and just did not do that yet with this one 🤷 )
The text was updated successfully, but these errors were encountered:
https://rustsec.org/advisories/RUSTSEC-2020-0096.html was fixed as part of 15.1.0. Unfortunately Sonatype OSSIndex, a vulnerability registry, still reports that version as vulnerable with exactly this vulnerability: https://ossindex.sonatype.org/component/pkg:cargo/im@15.1.0 This data set for example is used for
cargo pantsbut also their commercial vuln scanner product - which is why we get emails from users and customers about problems in our code.I opened an issue with their repository where such data problems should be reported, but until now have not heard back in any way: OSSIndex/vulns#314
I wanted to let you know of this problem, which of course is not your fault in any way.
(Depending on Sonatype does things, it could be that it would go away with a 15.1.1 being release, but I can not guarantee that either - maybe they need to manually add the "max" version for a vuln and just did not do that yet with this one 🤷 )
The text was updated successfully, but these errors were encountered: