This project contains known security vulnerabilities. Find detailed information at the bottom.

Crate open-metrics-client

Dependencies

(4 total, 2 outdated, 1 insecure)

CrateRequiredLatestStatus
 dtoa^0.41.0.9out of date
 itoa^0.41.0.11out of date
 open-metrics-client-derive-text-encode^0.1.10.1.1up to date
 owning_ref ⚠️^0.40.4.1insecure

Dev dependencies

(6 total, 2 outdated)

CrateRequiredLatestStatus
 async-std^11.13.0up to date
 criterion^0.30.5.1out of date
 http-types^22.12.0up to date
 pyo3^0.140.22.5out of date
 quickcheck^11.0.3up to date
 tide^0.160.16.0up to date

Security Vulnerabilities

owning_ref: Multiple soundness issues in `owning_ref`

RUSTSEC-2022-0040

  • OwningRef::map_with_owner is unsound and may result in a use-after-free.
  • OwningRef::map is unsound and may result in a use-after-free.
  • OwningRefMut::as_owner and OwningRefMut::as_owner_mut are unsound and may result in a use-after-free.
  • The crate violates Rust's aliasing rules, which may cause miscompilations on recent compilers that emit the LLVM noalias attribute.

safer_owning_ref is a replacement crate which fixes these issues. No patched versions of the original crate are available, and the maintainer is unresponsive.