bevy_pbr 0.14.2

Crate bevy_pbr

Dependencies

(27 total, 16 outdated, 1 possibly insecure)

Crate	Required	Latest	Status
bevy_app	`^0.14.2`	`0.16.1`	out of date
bevy_asset	`^0.14.2`	`0.16.1`	out of date
bevy_color	`^0.14.3`	`0.16.2`	out of date
bevy_core_pipeline	`^0.14.2`	`0.16.1`	out of date
bevy_derive	`^0.14.2`	`0.16.1`	out of date
bevy_ecs	`^0.14.2`	`0.16.1`	out of date
bevy_math	`^0.14.2`	`0.16.1`	out of date
bevy_reflect	`^0.14.2`	`0.16.1`	out of date
bevy_render	`^0.14.2`	`0.16.1`	out of date
bevy_transform	`^0.14.2`	`0.16.1`	out of date
bevy_utils	`^0.14.2`	`0.16.1`	out of date
bevy_window	`^0.14.2`	`0.16.1`	out of date
bincode	`^1`	`2.0.1`	out of date
bitflags	`^2.3`	`2.9.1`	up to date
bytemuck	`^1`	`1.23.1`	up to date
fixedbitset	`^0.5`	`0.5.7`	up to date
itertools	`^0.13`	`0.14.0`	out of date
lz4_flex	`^0.11`	`0.11.5`	up to date
meshopt	`^0.3.0`	`0.5.0`	out of date
metis	`^0.2`	`0.2.2`	up to date
nonmax	`^0.5`	`0.5.5`	up to date
radsort	`^0.1`	`0.1.1`	up to date
range-alloc	`^0.1`	`0.1.4`	up to date
serde	`^1`	`1.0.219`	up to date
smallvec ⚠️	`^1.6`	`1.15.1`	maybe insecure
static_assertions	`^1`	`1.1.0`	up to date
thiserror	`^1`	`2.0.12`	out of date

Crate

Required

Latest

Status

bevy_app

^0.14.2

0.16.1

out of date

bevy_asset

^0.14.2

0.16.1

out of date

bevy_color

^0.14.3

0.16.2

out of date

bevy_core_pipeline

^0.14.2

0.16.1

out of date

bevy_derive

^0.14.2

0.16.1

out of date

bevy_ecs

^0.14.2

0.16.1

out of date

bevy_math

^0.14.2

0.16.1

out of date

bevy_reflect

^0.14.2

0.16.1

out of date

bevy_render

^0.14.2

0.16.1

out of date

bevy_transform

^0.14.2

0.16.1

out of date

bevy_utils

^0.14.2

0.16.1

out of date

bevy_window

^0.14.2

0.16.1

out of date

bincode

^1

2.0.1

out of date

bitflags

^2.3

2.9.1

up to date

bytemuck

^1

1.23.1

up to date

fixedbitset

^0.5

0.5.7

up to date

itertools

^0.13

0.14.0

out of date

lz4_flex

^0.11

0.11.5

up to date

meshopt

^0.3.0

0.5.0

out of date

metis

^0.2

0.2.2

up to date

nonmax

^0.5

0.5.5

up to date

radsort

^0.1

0.1.1

up to date

range-alloc

^0.1

0.1.4

up to date

serde

^1

1.0.219

up to date

smallvec ⚠️

^1.6

1.15.1

maybe insecure

static_assertions

^1

1.1.0

up to date

thiserror

^1

2.0.12

out of date

Security Vulnerabilities

`smallvec`: Buffer overflow in SmallVec::insert_many

RUSTSEC-2021-0003

A bug in the SmallVec::insert_many method caused it to allocate a buffer that was smaller than needed. It then wrote past the end of the buffer, causing a buffer overflow and memory corruption on the heap.

This bug was only triggered if the iterator passed to insert_many yielded more items than the lower bound returned from its size_hint method.

The flaw was corrected in smallvec 0.6.14 and 1.6.1, by ensuring that additional space is always reserved for each item inserted. The fix also simplified the implementation of insert_many to use less unsafe code, so it is easier to verify its correctness.

Thank you to Yechan Bae (@Qwaz) and the Rust group at Georgia Tech’s SSLab for finding and reporting this bug.

Deps.rs

bevy_pbr 0.14.2

Crate `bevy_pbr`

Dependencies

Security Vulnerabilities

`smallvec`: Buffer overflow in SmallVec::insert_many

bevy_pbr 0.14.2

Crate bevy_pbr

Dependencies

Security Vulnerabilities

smallvec: Buffer overflow in SmallVec::insert_many

Crate `bevy_pbr`

`smallvec`: Buffer overflow in SmallVec::insert_many