This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate actix-http-test

Dependencies

(18 total, 1 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 actix-codec^0.50.5.2up to date
 actix-rt^2.22.10.0up to date
 actix-server^22.5.0up to date
 actix-service^22.0.2up to date
 actix-tls^33.4.0up to date
 actix-utils^33.0.1up to date
 awc^33.5.1up to date
 bytes^11.8.0up to date
 futures-core^0.3.170.3.31up to date
 http^0.2.71.1.0out of date
 log^0.40.4.22up to date
 serde^11.0.214up to date
 serde_json^11.0.132up to date
 serde_urlencoded^0.70.7.1up to date
 slab^0.40.4.9up to date
 socket2^0.50.5.7up to date
 openssl ⚠️^0.10.550.10.68maybe insecure
 tokio^1.24.21.41.0up to date

Security Vulnerabilities

openssl: `MemBio::get_buf` has undefined behavior with empty buffers

RUSTSEC-2024-0357

Previously, MemBio::get_buf called slice::from_raw_parts with a null-pointer, which violates the functions invariants, leading to undefined behavior. In debug builds this would produce an assertion failure. This is now fixed.