This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate ructe

Dependencies

(8 total, 5 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 base64^0.11.00.22.0out of date
 bytecount^0.6.00.6.7up to date
 itertools^0.8.00.12.1out of date
 md5^0.70.7.0up to date
 mime^0.30.3.17up to date
 nom^5.0.07.1.3out of date
 rsass^0.11.00.28.8out of date
 warp ⚠️^0.1.90.3.6out of date

Security Vulnerabilities

warp: Improper validation of Windows paths could lead to directory traversal attack

RUSTSEC-2022-0082

Path resolution in warp::filters::fs::dir didn't correctly validate Windows paths meaning paths like /foo/bar/c:/windows/web/screen/img101.png would be allowed and respond with the contents of c:/windows/web/screen/img101.png. Thus users could potentially read files anywhere on the filesystem.

This only impacts Windows. Linux and other unix likes are not impacted by this.