{"id":"RUSTSEC-2025-0010","summary":"Versions of *ring* prior to 0.17 are unmaintained.","details":"*ring* 0.16.20 was released over 4 years ago and isn't maintained, tested, etc.\n\nAdditionally, the project's general policy is to only patch the latest release,\nwhich is 0.17.12 now. It will be difficult for anybody to backport future fixes\nto versions earlier than 0.17.10 due to license changes.","modified":"2025-03-07T15:46:47Z","published":"2025-03-05T12:00:00Z","database_specific":{"license":"CC0-1.0"},"references":[{"type":"PACKAGE","url":"https://crates.io/crates/ring"},{"type":"ADVISORY","url":"https://rustsec.org/advisories/RUSTSEC-2025-0010.html"},{"type":"WEB","url":"https://github.com/briansmith/ring/discussions/2450"}],"affected":[{"package":{"name":"ring","ecosystem":"crates.io","purl":"pkg:cargo/ring"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0-0"},{"fixed":"0.17.0"}]}],"ecosystem_specific":{"affects":{"arch":[],"os":[],"functions":[]},"affected_functions":null},"database_specific":{"categories":[],"informational":"unmaintained","cvss":null,"source":"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2025-0010.json"}}],"schema_version":"1.7.3"}