Deps.rs

lock_api 0.4.10

[![dependency status](https://deps.rs/crate/lock_api/0.4.10/status.svg)](https://deps.rs/crate/lock_api/0.4.10)

This project contains known security vulnerabilities. Find detailed information at the bottom.

Crate lock_api

Dependencies

(3 total, 1 insecure)

CrateRequiredLatestStatus
 owning_ref ⚠️^0.4.10.4.1insecure
 scopeguard^1.1.01.2.0up to date
 serde^1.0.1261.0.188up to date

Security Vulnerabilities

owning_ref: Multiple soundness issues in `owning_ref`

RUSTSEC-2022-0040

  • OwningRef::map_with_owner is unsound and may result in a use-after-free.
  • OwningRef::map is unsound and may result in a use-after-free.
  • OwningRefMut::as_owner and OwningRefMut::as_owner_mut are unsound and may result in a use-after-free.
  • The crate violates Rust's aliasing rules, which may cause miscompilations on recent compilers that emit the LLVM noalias attribute.

No patched versions are available at this time. While a pull request with some fixes is outstanding, the maintainer appears to be unresponsive.