{"id":"RUSTSEC-2025-0025","summary":"rustc-serialize is unmaintained","details":"`rustc-serialize` will no longer be maintained as declared by the developer. By fuzzing the package, we can identify multiple vulnerabilities.\nThe project has been archived and cannot submit issues. The developer has recommended using the `serde` crate instead.","modified":"2025-04-28T13:38:14Z","published":"2025-04-28T12:00:00Z","database_specific":{"license":"CC0-1.0"},"references":[{"type":"PACKAGE","url":"https://crates.io/crates/rustc-serialize"},{"type":"ADVISORY","url":"https://rustsec.org/advisories/RUSTSEC-2025-0025.html"},{"type":"WEB","url":"https://github.com/rust-lang-deprecated/rustc-serialize/issues"}],"affected":[{"package":{"name":"rustc-serialize","ecosystem":"crates.io","purl":"pkg:cargo/rustc-serialize"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0-0"}]}],"ecosystem_specific":{"affects":{"arch":[],"os":[],"functions":[]},"affected_functions":null},"database_specific":{"cvss":null,"source":"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2025-0025.json","categories":[],"informational":"unmaintained"}}],"schema_version":"1.7.3"}