rustsec-2022-0056
Vulnerability from osv_rustsec
Published
2022-06-25 12:00
Modified
2022-09-24 11:52
Summary
clipboard is Unmaintained
Details

Last release was almost 4 years ago and the repository with outstanding issues and pull requests seems to be abandoned by the maintainer.

In addition the sole maintainer account may be abandoned that may represent account takeover risk.

Current outstanding issues include vulnerable dependencies that all together may mean that security issues may not be addressed now or in the future.

Possible Alternative(s)

The below list has not been vetted in any way and may or may not contain alternatives;

To clipboard 

{
  "affected": [
    {
      "database_specific": {
        "categories": [],
        "cvss": null,
        "informational": "unmaintained"
      },
      "ecosystem_specific": {
        "affected_functions": null,
        "affects": {
          "arch": [],
          "functions": [],
          "os": []
        }
      },
      "package": {
        "ecosystem": "crates.io",
        "name": "clipboard",
        "purl": "pkg:cargo/clipboard"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.0.0-0"
            }
          ],
          "type": "SEMVER"
        }
      ],
      "versions": []
    }
  ],
  "aliases": [],
  "database_specific": {
    "license": "CC0-1.0"
  },
  "details": "Last release was almost 4 years ago and the repository with outstanding issues and pull requests seems to be abandoned by the maintainer.\n\nIn addition the sole maintainer account may be abandoned that may represent account takeover risk.\n\nCurrent outstanding issues include vulnerable dependencies that all together may mean that security issues may not be addressed now or in the future.\n\n## Possible Alternative(s)\n\nThe below list has not been vetted in any way and may or may not contain alternatives;\n\n- [`arboard`](https://crates.io/crates/arboard)\n- [`clipboard-win`](https://crates.io/crates/clipboard-win) (Windows only)\n- [`copy-pasta`](https://crates.io/crates/copypasta)\n- [`x11-clipboard`](https://crates.io/crates/x11-clipboard) (Linux/BSD only)",
  "id": "RUSTSEC-2022-0056",
  "modified": "2022-09-24T11:52:27Z",
  "published": "2022-06-25T12:00:00Z",
  "references": [
    {
      "type": "PACKAGE",
      "url": "https://crates.io/crates/clipboard"
    },
    {
      "type": "ADVISORY",
      "url": "https://rustsec.org/advisories/RUSTSEC-2022-0056.html"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/aweinstock314/rust-clipboard/issues/91"
    },
    {
      "type": "REPORT",
      "url": "https://github.com/aweinstock314/rust-clipboard/issues/90"
    }
  ],
  "related": [],
  "severity": [],
  "summary": "clipboard is Unmaintained"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.