exonum-btc-anchoring 0.10.0

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate `exonum-btc-anchoring`

Dependencies

(24 total, 13 outdated, 1 possibly insecure)

Crate	Required	Latest	Status
bitcoin	`^0.15`	`0.32.6`	out of date
btc-transaction-utils	`^0.4`	`0.9.0`	out of date
byteorder	`^1.2`	`1.5.0`	up to date
clap	`^2.32`	`4.5.40`	out of date
derive_more	`^0.13`	`2.0.1`	out of date
exonum	`^0.10.0`	`1.0.0`	out of date
exonum-derive	`^0.10.0`	`1.0.0`	out of date
exonum-testkit	`^0.10.0`	`1.0.0`	out of date
exonum_bitcoinrpc	`^0.6`	`0.6.0`	up to date
failure	`^0.1`	`0.1.8`	up to date
failure_derive	`^0.1`	`0.1.8`	up to date
hex	`^0.3`	`0.4.3`	out of date
log	`^0.4`	`0.4.27`	up to date
maplit	`^1.0`	`1.0.2`	up to date
matches	`^0.1`	`0.1.10`	up to date
protobuf ⚠️	`^2.2`	`3.7.2`	out of date
rand	`^0.4`	`0.9.1`	out of date
secp256k1	`^0.11`	`0.31.1`	out of date
serde	`^1.0`	`1.0.219`	up to date
serde_derive	`^1.0`	`1.0.219`	up to date
serde_json	`^1.0`	`1.0.140`	up to date
serde_str	`^0.1`	`0.1.0`	up to date
structopt	`^0.2`	`0.3.26`	out of date
toml	`^0.4`	`0.8.23`	out of date

Dev dependencies

(4 total, 3 outdated)

Crate	Required	Latest	Status
exonum-configuration	`^0.10.0`	`0.12.0`	out of date
libc	`^0.2`	`0.2.174`	up to date
pretty_assertions	`^0.5`	`1.4.1`	out of date
proptest	`^0.8`	`1.7.0`	out of date

Security Vulnerabilities

`protobuf`: Crash due to uncontrolled recursion in protobuf crate

RUSTSEC-2024-0437

Affected version of this crate did not properly parse unknown fields when parsing a user-supplied input.

This allows an attacker to cause a stack overflow when parsing the mssage on untrusted data.