This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate datafusion

Dependencies

(11 total, 6 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 arrow ⚠️^0.10.051.0.0out of date
 byteorder^11.5.0up to date
 bytes^0.41.6.0out of date
 clap^2.31.24.5.4out of date
 csv^1.0.01.3.0up to date
 datafusion-rustyline^2.0.0-alpha-20180628N/Aup to date
 fnv^1.0.31.0.7up to date
 json^0.11.130.12.4out of date
 lazy_static^1.01.4.0up to date
 parquet^0.4.151.0.0out of date
 sqlparser^0.1.80.44.0out of date

Dev dependencies

(1 total, 1 outdated)

CrateRequiredLatestStatus
 criterion^0.2.00.5.1out of date

Security Vulnerabilities

arrow: `BinaryArray` does not perform bound checks on reading values and offsets

RUSTSEC-2021-0116

BinaryArray performs insufficient validation on creation, which allows out-of-bounds reads in safe code.

arrow: `DecimalArray` does not perform bound checks on accessing values and offsets

RUSTSEC-2021-0117

DecimalArray performs insufficient bounds checks, which allows out-of-bounds reads in safe code if the length of the backing buffer is not a multiple of 16.

arrow: `FixedSizeBinaryArray` does not perform bound checks on accessing values and offsets

RUSTSEC-2021-0118

FixedSizeBinaryArray performs insufficient bounds checks, which allows out-of-bounds reads in safe code.