Skip to content

QuantumScan

servo/servo

servo/servo
35
risk score
1 findings · 200 files scanned

Servo repository contains one critical finding: SHA-1 usage in network event devtools code. The finding is located in developer tooling infrastructure rather than core security or cryptographic operations. While SHA-1 is cryptographically broken, the context appears to be for network event tracking/debugging rather than security-critical authentication or integrity verification.

Recent findings
FileAlgorithmSeverity
components/devtools/actors/network_event.rs:246SHA-1criticalBusiness impact 25
Exposure by language
Rust1 · 100%
Compliance mapping
DORA
OK
NIS2
OK
NIST PQC
OK
Exports for compliance
Share read-only link

Anyone with this link can view the risk score and top findings — no sign-in required. Source code stays private.

https://quantumscan.io/en/share/9ff502df-95ed-45dc-ae53-eaee29ccef26
Add a badge to your README

Show your project's post-quantum readiness in the README. The badge updates automatically after every new scan.

Preview

Post-Quantum Readiness
Markdown
[![Post-Quantum Readiness](https://quantumscan.io/api/badge/servo/servo.svg)](https://github.com/servo/servo)
HTML
<a href="https://github.com/servo/servo"><img src="https://quantumscan.io/api/badge/servo/servo.svg" alt="Post-Quantum Readiness" /></a>

Add badge to your README

Show your quantum-safety score directly on GitHub.

QuantumScan badge preview
[![QuantumScan](https://quantumscan.io/api/badge/servo/servo.svg)](https://quantumscan.io/en/scan/9ff502df-95ed-45dc-ae53-eaee29ccef26)

Save your results & track future changes

Create a free account to get drift alerts, compliance PDF exports, and scan history.

  • Weekly drift alerts when new vulnerabilities appear
  • Track risk score over time across all your repos
  • Export DORA / NIS2 compliance PDF for auditors

Free forever for design partners · No credit card