Deps.rs

cellular_raza-core 0.2.4

[![dependency status](https://deps.rs/crate/cellular_raza-core/0.2.4/status.svg)](https://deps.rs/crate/cellular_raza-core/0.2.4)

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate cellular_raza-core

Dependencies

(25 total, 1 possibly insecure)

CrateRequiredLatestStatus
 bincode^2.02.0.1up to date
 cellular_raza-concepts^0.2.40.2.4up to date
 cellular_raza-core-proc-macro^0.2.40.2.4up to date
 chrono^0.4.310.4.41up to date
 circ_buffer^0.1.80.1.9up to date
 crossbeam-channel^0.50.5.15up to date
 cudarc^0.160.16.4up to date
 hurdles^1.01.0.1up to date
 itertools^0.140.14.0up to date
 kdam^0.60.6.2up to date
 num^0.40.4.3up to date
 opencl3^0.12.00.12.0up to date
 plotters^0.30.3.7up to date
 pyo3 ⚠️^0.240.24.2maybe insecure
 quick-xml^0.370.37.5up to date
 rand^0.90.9.1up to date
 rand_chacha^0.90.9.0up to date
 rayon^1.61.10.0up to date
 ron^0.100.10.1up to date
 serde^1.01.0.219up to date
 serde_json^1.01.0.140up to date
 sled^0.340.34.7up to date
 tracing^0.1.400.1.41up to date
 tracing-subscriber^0.3.180.3.19up to date
 uniquevec^0.1.00.1.0up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 tempfile^33.19.1up to date

Security Vulnerabilities

pyo3: Risk of buffer overflow in `PyString::from_object`

RUSTSEC-2025-0020

PyString::from_object took &str arguments and forwarded them directly to the Python C API without checking for terminating nul bytes. This could lead the Python interpreter to read beyond the end of the &str data and potentially leak contents of the out-of-bounds read (by raising a Python exception containing a copy of the data including the overflow).

In PyO3 0.24.1 this function will now allocate a CString to guarantee a terminating nul bytes. PyO3 0.25 will likely offer an alternative API which takes &CStr arguments.