Deps.rs

isahc 0.9.14

[![dependency status](https://deps.rs/crate/isahc/0.9.14/status.svg)](https://deps.rs/crate/isahc/0.9.14)

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate isahc

Dependencies

(22 total, 7 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 bytes^0.51.10.1out of date
 chrono ⚠️^0.40.4.42maybe insecure
 crossbeam-utils^0.80.8.21up to date
 curl^0.4.340.4.49up to date
 curl-sys^0.4.370.4.83+curl-8.15.0up to date
 encoding_rs^0.80.8.35up to date
 flume^0.90.11.1out of date
 futures-lite^1.112.6.1out of date
 http^0.2.11.3.1out of date
 log^0.40.4.28up to date
 mime^0.30.3.17up to date
 once_cell^11.21.3up to date
 parking_lot^0.110.12.4out of date
 publicsuffix^1.52.3.0out of date
 serde^1.01.0.225up to date
 serde_json^1.01.0.145up to date
 slab^0.40.4.11up to date
 sluice^0.50.6.0out of date
 tracing^0.1.170.1.41up to date
 tracing-futures^0.20.2.5up to date
 url^2.22.5.7up to date
 waker-fn^11.2.0up to date

Dev dependencies

(10 total, 4 outdated)

CrateRequiredLatestStatus
 env_logger^0.80.11.8out of date
 flate2^1.01.1.2up to date
 futures^0.30.3.31up to date
 indicatif^0.150.18.0out of date
 rayon^11.11.0up to date
 static_assertions^1.11.1.0up to date
 structopt^0.30.3.26up to date
 tempfile^3.13.22.0up to date
 test-case^1.03.3.1out of date
 tracing-subscriber^0.20.3.20out of date

Security Vulnerabilities

chrono: Potential segfault in `localtime_r` invocations

RUSTSEC-2020-0159

Impact

Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library.

Workarounds

No workarounds are known.

References