This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate mles-client

Dependencies

(9 total, 4 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 bytes^0.41.6.0out of date
 futures^0.10.3.30out of date
 mles-utils^1.11.1.7up to date
 tokio-codec^0.10.1.2up to date
 tokio-core^0.10.1.18up to date
 tokio-proto^0.10.1.1up to date
 tokio-service^0.10.1.0up to date
 tokio-tungstenite^0.60.21.0out of date
 tungstenite ⚠️^0.60.21.0out of date

Security Vulnerabilities

tungstenite: Tungstenite allows remote attackers to cause a denial of service

RUSTSEC-2023-0065

The Tungstenite crate through 0.20.0 for Rust allows remote attackers to cause a denial of service (minutes of CPU consumption) via an excessive length of an HTTP header in a client handshake. The length affects both how many times a parse is attempted (e.g., thousands of times) and the average amount of data for each parse attempt (e.g., millions of bytes).