This project contains known security vulnerabilities. Find detailed information at the bottom.
kelvin(17 total, 9 outdated, 2 insecure)
| Crate | Required | Latest | Status |
|---|---|---|---|
| appendix ⚠️ | ^0.2 | 0.2.2 | insecure |
| arbitrary | ^0.3 | 1.3.2 | out of date |
| arrayvec | ^0.5.1 | 0.7.4 | out of date |
| atomicwrites | ^0.2 | 0.4.3 | out of date |
| base64 | ^0.11 | 0.22.0 | out of date |
| bytehash | ^0.2 | 0.3.0 | out of date |
| byteorder | ^1.2.2 | 1.5.0 | up to date |
| cache | ^0.2.0 | N/A | up to date |
| futures | ^0.3.1 | 0.3.30 | up to date |
| num | ^0.2 | 0.4.2 | out of date |
| owning_ref ⚠️ | ^0.4.0 | 0.4.1 | insecure |
| parking_lot | ^0.6.4 | 0.12.2 | out of date |
| quickcheck | ^0.8 | 1.0.3 | out of date |
| rand | ^0.6.5 | 0.8.5 | out of date |
| tempfile | ^3.0.3 | 3.10.1 | up to date |
| wasm-bindgen | ^0.2 | 0.2.92 | up to date |
| web-sys | ^0.3 | 0.3.69 | up to date |
(1 total, all up-to-date)
| Crate | Required | Latest | Status |
|---|---|---|---|
| tempfile | ^3.0 | 3.10.1 | up to date |
appendix: Data race and memory safety issue in `Index`The appendix crate implements a key-value mapping data structure called
Index<K, V> that is stored on disk. The crate allows for any type to inhabit
the generic K and V type parameters and implements Send and Sync for them
unconditionally.
Using a type that is not marked as Send or Sync with Index can allow it
to be used across multiple threads leading to data races. Additionally using
reference types for the keys or values will lead to the segmentation faults
in the crate's code.
owning_ref: Multiple soundness issues in `owning_ref`OwningRef::map_with_owner is unsound and may result in a use-after-free.OwningRef::map is unsound and may result in a use-after-free.OwningRefMut::as_owner and OwningRefMut::as_owner_mut are unsound and may result in a use-after-free.noalias attribute.safer_owning_ref is a replacement crate which fixes these issues.
No patched versions of the original crate are available, and the maintainer is unresponsive.