This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate townhopper_cli

Dependencies

(10 total, 5 outdated, 2 possibly insecure)

CrateRequiredLatestStatus
 chrono ⚠️^0.40.4.37maybe insecure
 chrono-systemd-time^0.10.3.0out of date
 clap^2.324.5.4out of date
 config^0.90.14.0out of date
 lazy_static^1.21.4.0up to date
 log^0.40.4.21up to date
 rusqlite ⚠️^0.190.31.0out of date
 stderrlog^0.40.6.0out of date
 townhopper=0.1.10.1.1up to date
 xdg^2.22.5.2up to date

Security Vulnerabilities

rusqlite: Various memory safety issues

RUSTSEC-2020-0014

Several memory safety issues have been uncovered in an audit of rusqlite.

See https://github.com/rusqlite/rusqlite/releases/tag/0.23.0 for a complete list.

chrono: Potential segfault in `localtime_r` invocations

RUSTSEC-2020-0159

Impact

Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library.

Workarounds

No workarounds are known.

References