This project contains known security vulnerabilities. Find detailed information at the bottom.

Crate plotters

Dependencies

(12 total, 3 outdated, 1 insecure)

CrateRequiredLatestStatus
 chrono ⚠️^0.4.190.4.19insecure
 num-traits^0.2.140.2.15up to date
 plotters-backend^0.30.3.2up to date
 plotters-bitmap0.3.*0.3.1up to date
 plotters-svg0.3.*0.3.1up to date
 font-kit^0.10.00.11.0out of date
 image^0.23.140.24.2out of date
 lazy_static^1.4.01.4.0up to date
 pathfinder_geometry^0.5.10.5.1up to date
 ttf-parser^0.12.00.15.0out of date
 wasm-bindgen^0.2.620.2.80up to date
 web-sys^0.3.510.3.57up to date

Dev dependencies

(11 total, all up-to-date)

CrateRequiredLatestStatus
 criterion^0.3.40.3.5up to date
 itertools^0.10.00.10.3up to date
 plotters-bitmap0.3.*0.3.1up to date
 rayon^1.5.11.5.2up to date
 serde^1.0.1261.0.137up to date
 serde_derive^1.0.1261.0.137up to date
 serde_json^1.0.641.0.81up to date
 rand^0.8.30.8.5up to date
 rand_distr^0.4.00.4.3up to date
 rand_xorshift^0.3.00.3.0up to date
 wasm-bindgen-test^0.3.240.3.30up to date

Security Vulnerabilities

chrono: Potential segfault in `localtime_r` invocations

RUSTSEC-2020-0159

Impact

Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library.

Workarounds

No workarounds are known.

References