This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate crypto-hash

Dependencies

(4 total, 1 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 commoncrypto^0.20.2.0up to date
 hex^0.30.4.3out of date
 openssl ⚠️^0.100.10.64maybe insecure
 winapi^0.30.3.9up to date

Security Vulnerabilities

openssl: `openssl` `X509VerifyParamRef::set_host` buffer over-read

RUSTSEC-2023-0044

When this function was passed an empty string, openssl would attempt to call strlen on it, reading arbitrary memory until it reached a NUL byte.