bevy_ui 0.18.1

Crate bevy_ui

Dependencies

(27 total, 1 outdated, 1 possibly insecure)

Crate	Required	Latest	Status
accesskit	`^0.21`	`0.24.0`	out of date
bevy_a11y	`^0.18.0`	`0.18.1`	up to date
bevy_app	`^0.18.0`	`0.18.1`	up to date
bevy_asset	`^0.18.0`	`0.18.1`	up to date
bevy_camera	`^0.18.0`	`0.18.1`	up to date
bevy_color	`^0.18.0`	`0.18.1`	up to date
bevy_derive	`^0.18.0`	`0.18.1`	up to date
bevy_ecs	`^0.18.0`	`0.18.1`	up to date
bevy_image	`^0.18.0`	`0.18.1`	up to date
bevy_input	`^0.18.0`	`0.18.1`	up to date
bevy_input_focus	`^0.18.0`	`0.18.1`	up to date
bevy_math	`^0.18.0`	`0.18.1`	up to date
bevy_picking	`^0.18.0`	`0.18.1`	up to date
bevy_platform	`^0.18.0`	`0.18.1`	up to date
bevy_reflect	`^0.18.0`	`0.18.1`	up to date
bevy_sprite	`^0.18.0`	`0.18.1`	up to date
bevy_text	`^0.18.0`	`0.18.1`	up to date
bevy_transform	`^0.18.0`	`0.18.1`	up to date
bevy_utils	`^0.18.0`	`0.18.1`	up to date
bevy_window	`^0.18.0`	`0.18.1`	up to date
derive_more	`^2`	`2.1.1`	up to date
serde	`^1`	`1.0.228`	up to date
smallvec ⚠️	`^1`	`1.15.1`	maybe insecure
taffy	`^0.9`	`0.9.2`	up to date
thiserror	`^2`	`2.0.18`	up to date
tracing	`^0.1`	`0.1.44`	up to date
uuid	`^1.1`	`1.22.0`	up to date

Crate

Required

Latest

Status

accesskit

^0.21

0.24.0

out of date

bevy_a11y

^0.18.0

0.18.1

up to date

bevy_app

^0.18.0

0.18.1

up to date

bevy_asset

^0.18.0

0.18.1

up to date

bevy_camera

^0.18.0

0.18.1

up to date

bevy_color

^0.18.0

0.18.1

up to date

bevy_derive

^0.18.0

0.18.1

up to date

bevy_ecs

^0.18.0

0.18.1

up to date

bevy_image

^0.18.0

0.18.1

up to date

bevy_input

^0.18.0

0.18.1

up to date

bevy_input_focus

^0.18.0

0.18.1

up to date

bevy_math

^0.18.0

0.18.1

up to date

bevy_picking

^0.18.0

0.18.1

up to date

bevy_platform

^0.18.0

0.18.1

up to date

bevy_reflect

^0.18.0

0.18.1

up to date

bevy_sprite

^0.18.0

0.18.1

up to date

bevy_text

^0.18.0

0.18.1

up to date

bevy_transform

^0.18.0

0.18.1

up to date

bevy_utils

^0.18.0

0.18.1

up to date

bevy_window

^0.18.0

0.18.1

up to date

derive_more

^2

2.1.1

up to date

serde

^1

1.0.228

up to date

smallvec ⚠️

^1

1.15.1

maybe insecure

taffy

^0.9

0.9.2

up to date

thiserror

^2

2.0.18

up to date

tracing

^0.1

0.1.44

up to date

uuid

^1.1

1.22.0

up to date

Dev dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
bevy_core_pipeline	`^0.18.0`	`0.18.1`	up to date

Crate

Required

Latest

Status

bevy_core_pipeline

^0.18.0

0.18.1

up to date

Security Vulnerabilities

`smallvec`: Buffer overflow in SmallVec::insert_many

RUSTSEC-2021-0003

A bug in the SmallVec::insert_many method caused it to allocate a buffer that was smaller than needed. It then wrote past the end of the buffer, causing a buffer overflow and memory corruption on the heap.

This bug was only triggered if the iterator passed to insert_many yielded more items than the lower bound returned from its size_hint method.

The flaw was corrected in smallvec 0.6.14 and 1.6.1, by ensuring that additional space is always reserved for each item inserted. The fix also simplified the implementation of insert_many to use less unsafe code, so it is easier to verify its correctness.

Thank you to Yechan Bae (@Qwaz) and the Rust group at Georgia Tech’s SSLab for finding and reporting this bug.

Crate bevy_ui

Dependencies

Dev dependencies

Security Vulnerabilities

smallvec: Buffer overflow in SmallVec::insert_many

Crate `bevy_ui`

`smallvec`: Buffer overflow in SmallVec::insert_many