This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate flume

Dependencies

(5 total, 1 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 futures-core^0.30.3.21up to date
 futures-sink^0.30.3.21up to date
 nanorand ⚠️^0.60.7.0out of date
 pin-project^11.0.10up to date
 spin^0.9.20.9.3up to date

Dev dependencies

(7 total, all up-to-date)

CrateRequiredLatestStatus
 async-std^1.9.01.11.0up to date
 criterion^0.3.40.3.5up to date
 crossbeam-channel^0.5.10.5.4up to date
 crossbeam-utils^0.8.50.8.8up to date
 futures^0.30.3.21up to date
 rand^0.8.30.8.5up to date
 waker-fn^1.1.01.1.0up to date

Security Vulnerabilities

nanorand: Aliased mutable references from `tls_rand` & `TlsWyRand`

RUSTSEC-2021-0114

TlsWyRand's implementation of Deref unconditionally dereferences a raw pointer, and returns multiple mutable references to the same object, which is undefined behavior.