This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate scylla

Dependencies

(30 total, 8 outdated, 1 possibly insecure)

| Crate | Required | Latest | Status |
|---|---|---|---|
| arc-swap | ^1.3.0 | 1.7.1 | up to date |
| async-trait | ^0.1.56 | 0.1.80 | up to date |
| base64 | ^0.21.1 | 0.22.1 | out of date |
| byteorder | ^1.3.4 | 1.5.0 | up to date |
| bytes | ^1.0.1 | 1.6.0 | up to date |
| chrono | ^0.4.20 | 0.4.38 | up to date |
| dashmap | ^5.2 | 5.5.3 | up to date |
| futures | ^0.3.6 | 0.3.30 | up to date |
| histogram | ^0.6.9 | 0.10.1 | out of date |
| itertools | ^0.11.0 | 0.13.0 | out of date |
| lz4_flex | ^0.11.1 | 0.11.3 | up to date |
| num_enum | ^0.6 | 0.7.2 | out of date |
| openssl ⚠️ | ^0.10.32 | 0.10.64 | maybe insecure |
| rand | ^0.8.3 | 0.8.5 | up to date |
| rand_pcg | ^0.3.1 | 0.3.1 | up to date |
| scylla-cql | ^0.1.0 | 0.2.0 | out of date |
| scylla-macros | ^0.4.0 | 0.5.0 | out of date |
| serde | ^1.0 | 1.0.202 | up to date |
| serde_yaml | ^0.9.14 | 0.9.34+deprecated | up to date |
| smallvec | ^1.8.0 | 1.13.2 | up to date |
| snap | ^1.0 | 1.1.1 | up to date |
| socket2 | ^0.5.3 | 0.5.7 | up to date |
| strum | ^0.23 | 0.26.2 | out of date |
| strum_macros | ^0.23 | 0.26.2 | out of date |
| thiserror | ^1.0 | 1.0.61 | up to date |
| tokio | ^1.27 | 1.37.0 | up to date |
| tokio-openssl | ^0.6.1 | 0.6.4 | up to date |
| tracing | ^0.1.36 | 0.1.40 | up to date |
| url | ^2.3.1 | 2.5.0 | up to date |
| uuid | ^1.0 | 1.8.0 | up to date |

Dev dependencies

(10 total, 1 outdated)

| Crate | Required | Latest | Status |
|---|---|---|---|
| assert_matches | ^1.5.0 | 1.5.0 | up to date |
| bigdecimal | ^0.4 | 0.4.3 | up to date |
| criterion | ^0.4 | 0.5.1 | out of date |
| ntest | ^0.9.0 | 0.9.2 | up to date |
| num-bigint | ^0.4 | 0.4.5 | up to date |
| rand_chacha | ^0.3.1 | 0.3.1 | up to date |
| scylla-proxy | ^0.0.3 | 0.0.3 | up to date |
| time | ^0.3 | 0.3.36 | up to date |
| tokio | ^1.27 | 1.37.0 | up to date |
| tracing-subscriber | ^0.3.14 | 0.3.18 | up to date |

Security Vulnerabilities

openssl: `openssl` `X509VerifyParamRef::set_host` buffer over-read

RUSTSEC-2023-0044

When this function was passed an empty string, openssl would attempt to call strlen on it, reading arbitrary memory until it reached a NUL byte.