logo

Database

Non-upgradable dependencies In rustc-serialize

Description

rustc-serialize is unmaintained rustc-serialize will no longer be maintained as declared by the developer. By fuzzing the package, we can identify multiple vulnerabilities. The project has been archived and cannot submit issues. The developer has recommended using the serde crate instead.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version

Aliases

1. OSV-RUSTSEC-2025-00252. GCVE-RUSTSEC-2025-00253. rustsec.org

References

1. https://github.com/rust-lang-deprecated/rustc-serialize/issues

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.