This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate pf_sandbox_lib

Dependencies

(26 total, 16 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 backtrace^0.30.3.75up to date
 bincode^12.0.1out of date
 chrono ⚠️^0.40.4.41maybe insecure
 dirs^16.0.0out of date
 env_logger^0.60.11.8out of date
 gilrs-core^0.10.6.4out of date
 log^0.40.4.27up to date
 matches^0.10.1.10up to date
 num-derive^0.20.4.2out of date
 num-traits^0.20.2.19up to date
 os_type^22.6.0up to date
 rand^0.60.9.1out of date
 reqwest^0.90.12.22out of date
 serde^11.0.219up to date
 serde_derive^11.0.219up to date
 serde_json^11.0.140up to date
 sha2^0.80.10.9out of date
 strum^0.130.27.1out of date
 strum_macros^0.130.27.1out of date
 toml^0.40.9.1out of date
 treeflection^0.10.1.35up to date
 treeflection_derive^0.30.4.0out of date
 uuid^0.71.17.0out of date
 winit^0.180.30.11out of date
 winit_input_helper^0.20.16.0out of date
 zip^0.54.3.0out of date

Security Vulnerabilities

chrono: Potential segfault in `localtime_r` invocations

RUSTSEC-2020-0159

Impact

Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library.

Workarounds

No workarounds are known.

References