This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.
libwebp(1 total, 1 possibly insecure)
| Crate | Required | Latest | Status |
|---|---|---|---|
| libwebp-sys2 ⚠️ | ^0.1.0 | 0.1.9 | maybe insecure |
(1 total, 1 outdated)
| Crate | Required | Latest | Status |
|---|---|---|---|
| rand | ^0.6.5 | 0.8.5 | out of date |
libwebp-sys2: libwebp: OOB write in BuildHuffmanTableGoogle and Mozilla have released security advisories for RCE due to heap overflow in libwebp. Google warns the vulnerability has been exploited in the wild.
libwebp needs to be updated to 1.3.2 to include a patch for "OOB write in BuildHuffmanTable".