This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate flume

Dependencies

(5 total, 2 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 futures-core^0.30.3.31up to date
 futures-sink^0.30.3.31up to date
 nanorand ⚠️^0.60.8.0out of date
 pin-project^11.1.10up to date
 spin^0.9.20.10.0out of date

Dev dependencies

(7 total, 2 outdated)

CrateRequiredLatestStatus
 async-std^1.9.01.13.1up to date
 criterion^0.3.40.6.0out of date
 crossbeam-channel^0.5.10.5.15up to date
 crossbeam-utils^0.8.50.8.21up to date
 futures^0.30.3.31up to date
 rand^0.8.30.9.1out of date
 waker-fn^1.1.01.2.0up to date

Security Vulnerabilities

nanorand: Aliased mutable references from `tls_rand` & `TlsWyRand`

RUSTSEC-2021-0114

TlsWyRand's implementation of Deref unconditionally dereferences a raw pointer, and returns multiple mutable references to the same object, which is undefined behavior.