This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate protobuf-parse

Dependencies

(8 total, 5 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 anyhow^1.0.531.0.98up to date
 indexmap^1.8.02.10.0out of date
 log^0.40.4.27up to date
 protobuf ⚠️=3.3.03.7.2out of date
 protobuf-support=3.3.03.7.2out of date
 tempfile^3.2.03.20.0up to date
 thiserror^1.0.302.0.12out of date
 which^4.08.0.0out of date

Security Vulnerabilities

protobuf: Crash due to uncontrolled recursion in protobuf crate

RUSTSEC-2024-0437

Affected version of this crate did not properly parse unknown fields when parsing a user-supplied input.

This allows an attacker to cause a stack overflow when parsing the mssage on untrusted data.