This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.
rorm-sql(3 total, 2 outdated, 1 possibly insecure)
| Crate | Required | Latest | Status |
|---|---|---|---|
| chrono | >=0.4.20 | 0.4.40 | up to date |
| libsqlite3-sys ⚠️ | ~0.24 | 0.32.0 | out of date |
| rorm-declaration | ^0.3.0 | 0.4.0 | out of date |
libsqlite3-sys: `libsqlite3-sys` via C SQLite CVE-2022-35737It was sometimes possible for SQLite versions >= 1.0.12, < 3.39.2 to allow an array-bounds overflow when large string were input into SQLite's printf function.
As libsqlite3-sys bundles SQLite, it is susceptible to the vulnerability. libsqlite3-sys was updated to bundle the patched version of SQLite here.