pub struct Metadata {Show 17 fields
pub id: Id,
pub package: Name,
pub title: String,
pub description: String,
pub date: Date,
pub aliases: Vec<Id>,
pub related: Vec<Id>,
pub collection: Option<Collection>,
pub categories: Vec<Category>,
pub keywords: Vec<Keyword>,
pub cvss: Option<Base>,
pub informational: Option<Informational>,
pub references: Vec<Url>,
pub source: Option<SourceId>,
pub url: Option<Url>,
pub withdrawn: Option<Date>,
pub license: License,
}
Expand description
The [advisory]
section of a RustSec security advisory
Fields§
§id: Id
Security advisory ID (e.g. RUSTSEC-YYYY-NNNN)
package: Name
Name of affected crate
title: String
One-liner description of a vulnerability
description: String
Extended description of a vulnerability
date: Date
Date the underlying issue was reported
aliases: Vec<Id>
Advisory IDs in other databases which point to the same advisory
Advisory IDs which are related to this advisory.
(use aliases
for the same vulnerability syndicated to other databases)
collection: Option<Collection>
Collection this advisory belongs to. This isn’t intended to be explicitly specified in the advisory, but rather is auto-populated based on the location
categories: Vec<Category>
RustSec vulnerability categories: one of a fixed list of vulnerability categorizations accepted by the project.
keywords: Vec<Keyword>
Freeform keywords which succinctly describe this vulnerability (e.g. “ssl”, “rce”, “xss”)
cvss: Option<Base>
CVSS v3.1 Base Metrics vector string containing severity information.
Example:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
informational: Option<Informational>
Informational advisories can be used to warn users about issues affecting a particular crate without failing the build.
references: Vec<Url>
Additional reference URLs with more information related to this advisory
source: Option<SourceId>
Source URL where the vulnerable package is located/published.
Defaults to crates.io, i.e. registry+https://github.com/rust-lang/crates.io-index
url: Option<Url>
URL with an announcement (e.g. blog post, PR, disclosure issue, CVE)
withdrawn: Option<Date>
Was this advisory (i.e. itself, regardless of the crate) withdrawn? If yes, when?
This can be used to soft-delete advisories which were filed in error.
license: License
License under which the advisory content is available
Trait Implementations§
source§impl<'de> Deserialize<'de> for Metadata
impl<'de> Deserialize<'de> for Metadata
source§fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>where
__D: Deserializer<'de>,
fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error>where
__D: Deserializer<'de>,
source§impl PartialEq for Metadata
impl PartialEq for Metadata
impl Eq for Metadata
impl StructuralPartialEq for Metadata
Auto Trait Implementations§
impl Freeze for Metadata
impl RefUnwindSafe for Metadata
impl Send for Metadata
impl Sync for Metadata
impl Unpin for Metadata
impl UnwindSafe for Metadata
Blanket Implementations§
source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
source§impl<Q, K> Equivalent<K> for Q
impl<Q, K> Equivalent<K> for Q
source§impl<Q, K> Equivalent<K> for Q
impl<Q, K> Equivalent<K> for Q
source§fn equivalent(&self, key: &K) -> bool
fn equivalent(&self, key: &K) -> bool
key
and return true
if they are equal.