This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.
compu(3 total, 2 outdated, 1 possibly insecure)
| Crate | Required | Latest | Status |
|---|---|---|---|
| cloudflare-zlib-sys | ^0.2 | 0.3.3 | out of date |
| compu-brotli-sys ⚠️ | ^0.1 | 1.1.0 | out of date |
| libz-sys | ^1 | 1.1.20 | up to date |
compu-brotli-sys: Integer overflow in the bundled Brotli C libraryA buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB.
If one cannot update the C library, its authors recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits.