This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate askama

Dependencies

(6 total, 4 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 actix-web ⚠️^0.74.9.0out of date
 askama_derive^0.7.20.12.5out of date
 askama_shared^0.7.20.12.2out of date
 iron>=0.5, <0.70.6.1up to date
 mime_guess^2.0.0-alpha2.0.5up to date
 rocket^0.30.5.1out of date

Security Vulnerabilities

actix-web: Multiple memory safety issues

RUSTSEC-2018-0019

Affected versions contain multiple memory safety issues, such as:

  • Unsoundly coercing immutable references to mutable references
  • Unsoundly extending lifetimes of strings
  • Adding the Send marker trait to objects that cannot be safely sent between threads

This may result in a variety of memory corruption scenarios, most likely use-after-free.

A significant refactoring effort has been conducted to resolve these issues.