This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate flume

Dependencies

(5 total, 1 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 futures-core^0.30.3.30up to date
 futures-sink^0.30.3.30up to date
 nanorand ⚠️^0.60.7.0out of date
 pin-project^11.1.5up to date
 spin^0.9.20.9.8up to date

Dev dependencies

(7 total, 1 outdated)

CrateRequiredLatestStatus
 async-std^1.9.01.12.0up to date
 criterion^0.3.40.5.1out of date
 crossbeam-channel^0.5.10.5.12up to date
 crossbeam-utils^0.8.50.8.19up to date
 futures^0.30.3.30up to date
 rand^0.8.30.8.5up to date
 waker-fn^1.1.01.1.1up to date

Security Vulnerabilities

nanorand: Aliased mutable references from `tls_rand` & `TlsWyRand`

RUSTSEC-2021-0114

TlsWyRand's implementation of Deref unconditionally dereferences a raw pointer, and returns multiple mutable references to the same object, which is undefined behavior.