
Update dependencies to fix vulnerabilities #16

Open
Nariod opened this issue Oct 16, 2022 · 0 comments


Nariod commented Oct 16, 2022

Hello,

Running cargo audit against the project raises 3 vulnerabilities from dependencies:

┌──(kali㉿kali)-[~/link]
└─$ cargo audit              
    Fetching advisory database from `https://github.com/RustSec/advisory-db.git`
      Loaded 461 security advisories (from /home/kali/.cargo/advisory-db)
    Updating crates.io index
    Scanning Cargo.lock for vulnerabilities (245 crate dependencies)
Crate:     nix
Version:   0.19.1
Title:     Out-of-bounds write in nix::unistd::getgrouplist
Date:      2021-09-27
ID:        RUSTSEC-2021-0119
URL:       https://rustsec.org/advisories/RUSTSEC-2021-0119
Solution:  Upgrade to ^0.20.2 OR ^0.21.2 OR ^0.22.2 OR >=0.23.0
Dependency tree:
nix 0.19.1
└── rustyline 7.1.0
    └── link 0.1.0

Crate:     time
Version:   0.1.44
Title:     Potential segfault in the time crate
Date:      2020-11-18
ID:        RUSTSEC-2020-0071
URL:       https://rustsec.org/advisories/RUSTSEC-2020-0071
Solution:  Upgrade to >=0.2.23
Dependency tree:
time 0.1.44
└── chrono 0.4.22
    └── link 0.1.0

Crate:     tokio
Version:   0.2.25
Title:     Data race when sending and receiving after closing a `oneshot` channel
Date:      2021-11-16
ID:        RUSTSEC-2021-0124
URL:       https://rustsec.org/advisories/RUSTSEC-2021-0124
Solution:  Upgrade to >=1.8.4, <1.9.0 OR >=1.13.1
Dependency tree:
tokio 0.2.25
├── trust-dns-resolver 0.19.7
│   └── actix-connect 2.0.0
│       └── actix-http 2.2.2
│           ├── awc 2.0.3
│           │   └── actix-web 3.3.3
│           │       └── link 0.1.0
│           └── actix-web 3.3.3
├── trust-dns-proto 0.19.7
│   ├── trust-dns-resolver 0.19.7
│   └── actix-connect 2.0.0
├── tokio-util 0.3.1
│   ├── h2 0.2.7
│   │   └── actix-http 2.2.2
│   └── actix-codec 0.3.0
│       ├── awc 2.0.3
│       ├── actix-web 3.3.3
│       ├── actix-utils 2.0.0
│       │   ├── actix-web 3.3.3
│       │   ├── actix-tls 2.0.0
│       │   │   ├── actix-web 3.3.3
│       │   │   └── actix-http 2.2.2
│       │   ├── actix-server 1.0.4
│       │   │   ├── actix-web 3.3.3
│       │   │   └── actix-testing 1.0.1
│       │   │       └── actix-web 3.3.3
│       │   ├── actix-http 2.2.2
│       │   └── actix-connect 2.0.0
│       ├── actix-tls 2.0.0
│       ├── actix-server 1.0.4
│       ├── actix-http 2.2.2
│       └── actix-connect 2.0.0
├── tokio-openssl 0.4.0
│   ├── actix-tls 2.0.0
│   └── actix-connect 2.0.0
├── h2 0.2.7
├── actix-rt 1.1.1
│   ├── awc 2.0.3
│   ├── actix-web 3.3.3
│   ├── actix-utils 2.0.0
│   ├── actix-testing 1.0.1
│   ├── actix-server 1.0.4
│   ├── actix-http 2.2.2
│   └── actix-connect 2.0.0
└── actix-codec 0.3.0

Crate:     net2
Version:   0.2.37
Warning:   unmaintained
Title:     `net2` crate has been deprecated; use `socket2` instead
Date:      2020-05-01
ID:        RUSTSEC-2020-0016
URL:       https://rustsec.org/advisories/RUSTSEC-2020-0016
Dependency tree:
net2 0.2.37
├── miow 0.2.2
│   └── mio 0.6.23
│       ├── tokio 0.2.25
│       │   ├── trust-dns-resolver 0.19.7
│       │   │   └── actix-connect 2.0.0
│       │   │       └── actix-http 2.2.2
│       │   │           ├── awc 2.0.3
│       │   │           │   └── actix-web 3.3.3
│       │   │           │       └── link 0.1.0
│       │   │           └── actix-web 3.3.3
│       │   ├── trust-dns-proto 0.19.7
│       │   │   ├── trust-dns-resolver 0.19.7
│       │   │   └── actix-connect 2.0.0
│       │   ├── tokio-util 0.3.1
│       │   │   ├── h2 0.2.7
│       │   │   │   └── actix-http 2.2.2
│       │   │   └── actix-codec 0.3.0
│       │   │       ├── awc 2.0.3
│       │   │       ├── actix-web 3.3.3
│       │   │       ├── actix-utils 2.0.0
│       │   │       │   ├── actix-web 3.3.3
│       │   │       │   ├── actix-tls 2.0.0
│       │   │       │   │   ├── actix-web 3.3.3
│       │   │       │   │   └── actix-http 2.2.2
│       │   │       │   ├── actix-server 1.0.4
│       │   │       │   │   ├── actix-web 3.3.3
│       │   │       │   │   └── actix-testing 1.0.1
│       │   │       │   │       └── actix-web 3.3.3
│       │   │       │   ├── actix-http 2.2.2
│       │   │       │   └── actix-connect 2.0.0
│       │   │       ├── actix-tls 2.0.0
│       │   │       ├── actix-server 1.0.4
│       │   │       ├── actix-http 2.2.2
│       │   │       └── actix-connect 2.0.0
│       │   ├── tokio-openssl 0.4.0
│       │   │   ├── actix-tls 2.0.0
│       │   │   └── actix-connect 2.0.0
│       │   ├── h2 0.2.7
│       │   ├── actix-rt 1.1.1
│       │   │   ├── awc 2.0.3
│       │   │   ├── actix-web 3.3.3
│       │   │   ├── actix-utils 2.0.0
│       │   │   ├── actix-testing 1.0.1
│       │   │   ├── actix-server 1.0.4
│       │   │   ├── actix-http 2.2.2
│       │   │   └── actix-connect 2.0.0
│       │   └── actix-codec 0.3.0
│       ├── mio-uds 0.6.8
│       │   ├── tokio 0.2.25
│       │   └── actix-server 1.0.4
│       └── actix-server 1.0.4
└── mio 0.6.23

Crate:     stdweb
Version:   0.4.20
Warning:   unmaintained
Title:     stdweb is unmaintained
Date:      2020-05-04
ID:        RUSTSEC-2020-0056
URL:       https://rustsec.org/advisories/RUSTSEC-2020-0056
Dependency tree:
stdweb 0.4.20
└── time 0.2.27
    ├── cookie 0.14.4
    │   └── actix-http 2.2.2
    │       ├── awc 2.0.3
    │       │   └── actix-web 3.3.3
    │       │       └── link 0.1.0
    │       └── actix-web 3.3.3
    ├── actix-web 3.3.3
    └── actix-http 2.2.2

Crate:     term
Version:   0.5.2
Warning:   unmaintained
Title:     term is looking for a new maintainer
Date:      2018-11-19
ID:        RUSTSEC-2018-0015
URL:       https://rustsec.org/advisories/RUSTSEC-2018-0015
Dependency tree:
term 0.5.2
└── prettytable-rs 0.8.0
    └── link 0.1.0

Crate:     link
Version:   0.1.0
Warning:   yanked
Dependency tree:
link 0.1.0

error: 3 vulnerabilities found!
warning: 4 allowed warnings found

BR,
Nariod
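The three vulnerabilities in the report above are all transitive: `link 0.1.0` appears only at the leaves of each tree, via rustyline (nix), chrono (time 0.1) and actix-web 3 (tokio 0.2). The "Solution" line names a patched range for the vulnerable crate, but a plain `cargo update` stays inside the version requirements of those direct dependencies, so the fix is to bump rustyline, chrono (its default `oldtime` feature is what pulls in time 0.1) and actix-web, then re-run `cargo audit`. To keep such findings from reappearing unnoticed, a CI gate over `cargo audit --json` is useful. The following is an added example, not code from this issue or from the `link` project: it fails the build on any vulnerability unless that advisory has a written waiver tied to the exact vulnerable version, and lists the informational warnings (unmaintained, yanked) without failing. The JSON field layout it reads (`vulnerabilities.list[].advisory/versions/package`, `warnings.<kind>[]`) is an assumption about cargo-audit's report format and should be checked against the cargo-audit version you run; the sample report is constructed by hand to mirror the findings above.

```python
"""Gate for `cargo audit --json` output.

Added example, not code from the issue or the `link` project. The JSON shape
read here is ASSUMED from cargo-audit's report format: a top-level
"vulnerabilities" {found, count, list[]} where each entry has
"advisory" {id, title}, "versions" {patched: [...]}, "package" {name, version};
and a top-level "warnings" object keyed by kind ("unmaintained", "yanked", ...)
whose entries have "package" and, where one exists, "advisory".
"""
import json
import sys

# Constructed sample mirroring the findings in the issue (hand-written, not real tool output).
SAMPLE_REPORT = json.dumps({
    "vulnerabilities": {
        "found": True,
        "count": 3,
        "list": [
            {"advisory": {"id": "RUSTSEC-2021-0119",
                          "title": "Out-of-bounds write in nix::unistd::getgrouplist"},
             "versions": {"patched": ["^0.20.2", "^0.21.2", "^0.22.2", ">=0.23.0"]},
             "package": {"name": "nix", "version": "0.19.1"}},
            {"advisory": {"id": "RUSTSEC-2020-0071",
                          "title": "Potential segfault in the time crate"},
             "versions": {"patched": [">=0.2.23"]},
             "package": {"name": "time", "version": "0.1.44"}},
            {"advisory": {"id": "RUSTSEC-2021-0124",
                          "title": "Data race when sending and receiving after closing a `oneshot` channel"},
             "versions": {"patched": [">=1.8.4, <1.9.0", ">=1.13.1"]},
             "package": {"name": "tokio", "version": "0.2.25"}},
        ],
    },
    "warnings": {
        "unmaintained": [
            {"advisory": {"id": "RUSTSEC-2020-0016"}, "package": {"name": "net2", "version": "0.2.37"}},
            {"advisory": {"id": "RUSTSEC-2020-0056"}, "package": {"name": "stdweb", "version": "0.4.20"}},
            {"advisory": {"id": "RUSTSEC-2018-0015"}, "package": {"name": "term", "version": "0.5.2"}},
        ],
        "yanked": [{"package": {"name": "link", "version": "0.1.0"}}],
    },
})


def load_report(text):
    """Parse the JSON text produced by `cargo audit --json`."""
    return json.loads(text)


def vulnerabilities(report):
    """Return (advisory_id, crate, version, patched_ranges) for each vulnerability."""
    out = []
    for entry in report.get("vulnerabilities", {}).get("list", []):
        out.append((entry["advisory"]["id"],
                    entry["package"]["name"],
                    entry["package"]["version"],
                    tuple(entry.get("versions", {}).get("patched", []))))
    return out


def warnings(report):
    """Return (kind, crate, version, advisory_id or None) for each non-blocking warning."""
    out = []
    for kind, entries in report.get("warnings", {}).items():
        for entry in entries:
            advisory = entry.get("advisory") or {}
            out.append((kind, entry["package"]["name"],
                        entry["package"]["version"], advisory.get("id")))
    return out


def gate(report, accepted):
    """Return (exit_code, blocking_ids, waived_ids).

    `accepted` maps an advisory ID to {"version": ..., "reason": ...}. A waiver
    applies only while the vulnerable crate is still at exactly that version, so
    any version change forces a fresh review instead of carrying the waiver
    forward. Warnings never fail the build here; they are printed by main().
    """
    blocking, waived = [], []
    for adv_id, _crate, version, _patched in vulnerabilities(report):
        waiver = accepted.get(adv_id)
        if waiver and waiver.get("version") == version:
            waived.append(adv_id)
        else:
            blocking.append(adv_id)
    return (1 if blocking else 0), blocking, waived


def main(text, accepted):
    """Print one line per finding and return the process exit code."""
    report = load_report(text)
    code, _blocking, waived = gate(report, accepted)
    for adv_id, crate, version, patched in vulnerabilities(report):
        status = "WAIVED" if adv_id in waived else "FAIL"
        fix = " OR ".join(patched) or "no patched version listed"
        print(f"{status} {adv_id} {crate} {version}: upgrade to {fix}")
    for kind, crate, version, adv_id in warnings(report):
        print(f"WARN  {kind} {crate} {version} {adv_id or ''}".rstrip())
    return code


if __name__ == "__main__":
    # Usage: cargo audit --json | python audit_gate.py -    (no "-": runs on the sample)
    source = sys.stdin.read() if sys.argv[1:] == ["-"] else SAMPLE_REPORT
    sys.exit(main(source, accepted={}))
```

Waivers live in code (or a checked-in file) with a reason, so accepting a finding is a reviewed change rather than a flag on the command line; pinning the waiver to the exact vulnerable version is what stops it from silently surviving a dependency bump that lands on a still-vulnerable release.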
