fake 4.0.0

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate `fake`

Dependencies

(26 total, 1 outdated, 1 possibly insecure)

Crate	Required	Latest	Status
base64	`^0.22.1`	`0.22.1`	up to date
bigdecimal	`^0.4`	`0.4.7`	up to date
bson	`^2`	`2.13.0`	up to date
chrono ⚠️	`^0.4`	`0.4.40`	maybe insecure
chrono-tz	`^0.10`	`0.10.1`	up to date
clap	`^4.0.32`	`4.5.32`	up to date
deunicode	`^1.6`	`1.6.0`	up to date
dummy	`^0.9`	`0.9.2`	up to date
email_address	`^0.2`	`0.2.9`	up to date
geo-types	`^0.7`	`0.7.15`	up to date
glam	`^0.29`	`0.30.0`	out of date
http	`^1`	`1.2.0`	up to date
indexmap	`^2`	`2.8.0`	up to date
num-traits	`^0.2`	`0.2.19`	up to date
rand	`^0.9`	`0.9.0`	up to date
rand_core	`^0.9`	`0.9.3`	up to date
random_color	`^1`	`1.0.0`	up to date
rust_decimal	`^1`	`1.36.0`	up to date
semver	`^1`	`1.0.26`	up to date
serde_json	`^1`	`1.0.140`	up to date
time	`^0.3`	`0.3.39`	up to date
ulid	`^1`	`1.2.0`	up to date
url	`^2`	`2.5.4`	up to date
url-escape	`^0.1`	`0.1.1`	up to date
uuid	`^1`	`1.15.1`	up to date
zerocopy	`^0.8`	`0.8.23`	up to date

Dev dependencies

(3 total, 1 possibly insecure)

Crate	Required	Latest	Status
chrono ⚠️	`^0.4`	`0.4.40`	maybe insecure
proptest	`^1`	`1.6.0`	up to date
rand_chacha	`^0.9.0`	`0.9.0`	up to date

Security Vulnerabilities

`chrono`: Potential segfault in `localtime_r` invocations

RUSTSEC-2020-0159

Impact

Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library.

Workarounds

No workarounds are known.

References

time-rs/time#293