This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate native-tls


(10 total, 1 possibly insecure)

 lazy_static^ to date
 libc^ to date
 log^ to date
 openssl ⚠️^ insecure
 openssl-probe^ to date
 openssl-sys^0.9.550.9.102up to date
 schannel^ to date
 security-framework^ to date
 security-framework-sys^ to date
 tempfile^ to date

Dev dependencies

(2 total, 1 outdated)

 tempfile^ to date
 test-cert-gen^ of date

Security Vulnerabilities

openssl: `openssl` `X509VerifyParamRef::set_host` buffer over-read


When this function was passed an empty string, openssl would attempt to call strlen on it, reading arbitrary memory until it reached a NUL byte.