fake 4.4.0

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate `fake`

Dependencies

(28 total, 1 possibly insecure)

Crate	Required	Latest	Status
base64	`^0.22.1`	`0.22.1`	up to date
bigdecimal	`^0.4`	`0.4.8`	up to date
bson	`^2`	`2.15.0`	up to date
chrono ⚠️	`^0.4`	`0.4.41`	maybe insecure
chrono-tz	`^0.10`	`0.10.4`	up to date
clap	`^4.0.32`	`4.5.43`	up to date
deunicode	`^1.6`	`1.6.2`	up to date
dummy	`^0.11`	`0.11.0`	up to date
either	`^1`	`1.15.0`	up to date
email_address	`^0.2`	`0.2.9`	up to date
ferroid	`^0.6`	`0.6.3`	up to date
geo-types	`^0.7`	`0.7.17`	up to date
glam	`^0.30.1`	`0.30.5`	up to date
http	`^1`	`1.3.1`	up to date
indexmap	`^2`	`2.10.0`	up to date
num-traits	`^0.2`	`0.2.19`	up to date
rand	`^0.9`	`0.9.2`	up to date
rand_core	`^0.9`	`0.9.3`	up to date
random_color	`^1`	`1.1.0`	up to date
rust_decimal	`^1.37`	`1.37.2`	up to date
semver	`^1`	`1.0.26`	up to date
serde_json	`^1`	`1.0.142`	up to date
time	`^0.3`	`0.3.41`	up to date
ulid	`^1`	`1.2.1`	up to date
url	`^2`	`2.5.4`	up to date
url-escape	`^0.1`	`0.1.1`	up to date
uuid	`^1`	`1.17.0`	up to date
zerocopy	`^0.8`	`0.8.26`	up to date

Dev dependencies

(3 total, 1 possibly insecure)

Crate	Required	Latest	Status
chrono ⚠️	`^0.4`	`0.4.41`	maybe insecure
proptest	`^1`	`1.7.0`	up to date
rand_chacha	`^0.9.0`	`0.9.0`	up to date

Security Vulnerabilities

`chrono`: Potential segfault in `localtime_r` invocations

RUSTSEC-2020-0159

Impact

Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library.

Workarounds

No workarounds are known.

References

time-rs/time#293