BinaryArray performs insufficient validation on creation, which allows out-of-bounds reads in safe code.
This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.
datafusion(8 total, 3 outdated, 1 possibly insecure)
| Crate | Required | Latest | Status | 
|---|---|---|---|
| arrow ⚠️ | ^0.13.0 | 57.0.0 | out of date | 
| datafusion-rustyline | ^2.0.0-alpha-20180628 | N/A | up to date | 
| fnv | ^1.0.3 | 1.0.7 | up to date | 
| parquet | ^0.13.0 | 57.0.0 | out of date | 
| serde | ^1.0.80 | 1.0.228 | up to date | 
| serde_derive | ^1.0.80 | 1.0.228 | up to date | 
| serde_json | ^1.0.33 | 1.0.145 | up to date | 
| sqlparser | ^0.2.0 | 0.59.0 | out of date | 
(1 total, 1 outdated)
| Crate | Required | Latest | Status | 
|---|---|---|---|
| criterion | ^0.2.0 | 0.7.0 | out of date | 
arrow: `BinaryArray` does not perform bound checks on reading values and offsetsBinaryArray performs insufficient validation on creation, which allows out-of-bounds reads in safe code.
arrow: `DecimalArray` does not perform bound checks on accessing values and offsetsDecimalArray performs insufficient bounds checks,
which allows out-of-bounds reads in safe code
if the length of the backing buffer is not a multiple of 16.
arrow: `FixedSizeBinaryArray` does not perform bound checks on accessing values and offsetsFixedSizeBinaryArray performs insufficient bounds checks, which allows out-of-bounds reads in safe code.