This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.
glib(14 total, 1 possibly insecure)
| Crate | Required | Latest | Status |
|---|---|---|---|
| bitflags | ^2.6 | 2.6.0 | up to date |
| futures-channel | ^0.3 | 0.3.31 | up to date |
| futures-core | ^0.3 | 0.3.31 | up to date |
| futures-executor | ^0.3 | 0.3.31 | up to date |
| futures-task ⚠️ | ^0.3 | 0.3.31 | maybe insecure |
| futures-util | ^0.3 | 0.3.31 | up to date |
| gio-sys | ^0.20.5 | 0.20.5 | up to date |
| glib-macros | ^0.20.3 | 0.20.5 | up to date |
| glib-sys | ^0.20.5 | 0.20.5 | up to date |
| gobject-sys | ^0.20 | 0.20.4 | up to date |
| libc | ^0.2 | 0.2.161 | up to date |
| memchr | ^2.7.4 | 2.7.4 | up to date |
| log | ^0.4 | 0.4.22 | up to date |
| smallvec | ^1.13 | 1.13.2 | up to date |
(4 total, all up-to-date)
| Crate | Required | Latest | Status |
|---|---|---|---|
| criterion | ^0.5.1 | 0.5.1 | up to date |
| gir-format-check | ^0.1 | 0.1.3 | up to date |
| tempfile | ^3 | 3.13.0 | up to date |
| trybuild2 | ^1 | 1.2.0 | up to date |
futures-task: futures_task::waker may cause a use-after-free if used on a type that isn't 'staticAffected versions of the crate did not properly implement a 'static lifetime bound on the waker function.
This resulted in a use-after-free if Waker::wake() is called after original data had been dropped.
The flaw was corrected by adding 'static lifetime bound to the data waker takes.