The build script in the portaudio crate will attempt to download via HTTP the portaudio source and build it.
A Mallory in the middle can intercept the download with their own archive and get RCE.
hum 0.4.0
This project contains known security vulnerabilities. Find detailed information at the bottom.
hum
(3 total, 2 outdated, 1 insecure)
Crate | Required | Latest | Status |
---|---|---|---|
clap | ^2.32.0 | 4.5.40 | out of date |
hound | ^3.4.0 | 3.5.1 | up to date |
portaudio ⚠️ | ^0.7.0 | 0.8.0 | insecure |
portaudio
: HTTP download and execution allows MitM RCEThe build script in the portaudio crate will attempt to download via HTTP the portaudio source and build it.
A Mallory in the middle can intercept the download with their own archive and get RCE.