Deps.rs

loom 0.4.1

[![dependency status](https://deps.rs/crate/loom/0.4.1/status.svg)](https://deps.rs/crate/loom/0.4.1)

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate loom

Dependencies

(6 total, 1 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 cfg-if^1.0.01.0.0up to date
 futures-util^0.3.00.3.31up to date
 generator ⚠️^0.6.180.8.3out of date
 scoped-tls^1.0.01.0.1up to date
 serde^1.0.921.0.214up to date
 serde_json^1.0.331.0.132up to date

Security Vulnerabilities

generator: Generators can cause data races if non-Send types are used in their generator functions

RUSTSEC-2020-0151

The Generator type is an iterable which uses a generator function that yields values. In affected versions of the crate, the provided function yielding values had no Send bounds despite the Generator itself implementing Send.

The generator function lacking a Send bound means that types that are dangerous to send across threads such as Rc could be sent as part of a generator, potentially leading to data races.

This flaw was fixed in commit f7d120a3b by enforcing that the generator function be bound by Send.