{"id":"RUSTSEC-2022-0048","summary":"xml-rs is Unmaintained","details":"xml-rs is a XML parser has open issues around parsing including integer\noverflows / panics that may or may not be an issue with untrusted data.\n\nTogether with these open issues with Unmaintained status xml-rs\nmay or may not be suited to parse untrusted data.\n\n## Alternatives\n\n- [quick-xml](https://crates.io/crates/quick-xml)","modified":"2023-05-05T07:39:54Z","published":"2022-01-26T12:00:00Z","withdrawn":"2023-05-04T12:00:00Z","database_specific":{"license":"CC0-1.0"},"references":[{"type":"PACKAGE","url":"https://crates.io/crates/xml-rs"},{"type":"ADVISORY","url":"https://rustsec.org/advisories/RUSTSEC-2022-0048.html"},{"type":"WEB","url":"https://github.com/netvl/xml-rs/issues"},{"type":"REPORT","url":"https://github.com/netvl/xml-rs/issues/219"},{"type":"REPORT","url":"https://github.com/netvl/xml-rs/issues/210"},{"type":"REPORT","url":"https://github.com/netvl/xml-rs/issues/204"}],"affected":[{"package":{"name":"xml-rs","ecosystem":"crates.io","purl":"pkg:cargo/xml-rs"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0-0"}]}],"ecosystem_specific":{"affected_functions":null,"affects":{"arch":[],"functions":[],"os":[]}},"database_specific":{"cvss":null,"categories":[],"source":"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2022-0048.json","informational":"unmaintained"}}],"schema_version":"1.7.3"}