Deps.rs

raft-consensus 0.4.0

[![dependency status](https://deps.rs/crate/raft-consensus/0.4.0/status.svg)](https://deps.rs/crate/raft-consensus/0.4.0)

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate raft-consensus

Dependencies

(8 total, 2 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 byteorder^1.21.5.0up to date
 capnp ⚠️^0.90.19.3out of date
 failure^0.10.1.8up to date
 failure_derive^0.10.1.8up to date
 log^0.40.4.21up to date
 serde^1.01.0.198up to date
 serde_derive^1.01.0.198up to date
 uuid^0.51.8.0out of date

Dev dependencies

(2 total, 1 outdated)

CrateRequiredLatestStatus
 pretty_env_logger^0.20.5.0out of date
 serde_json^1.01.0.116up to date

Security Vulnerabilities

capnp: out-of-bounds read possible when setting list-of-pointers

RUSTSEC-2022-0068

If a message consumer expects data of type "list of pointers", and if the consumer performs certain specific actions on such data, then a message producer can cause the consumer to read out-of-bounds memory. This could trigger a process crash in the consumer, or in some cases could allow exfiltration of private in-memory data.

The C++ Cap'n Proto library is also affected by this bug. See the advisory on the main Cap'n Proto repo for a succinct description of the exact circumstances in which the problem can arise.