This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate tracing-log

Dependencies

(6 total, 3 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 ahash^0.7.40.8.12out of date
 env_logger^0.70.11.8out of date
 lazy_static^1.3.01.5.0up to date
 log^0.40.4.27up to date
 lru ⚠️^0.7.00.16.0out of date
 tracing-core^0.1.170.1.34up to date

Dev dependencies

(2 total, 1 outdated)

CrateRequiredLatestStatus
 criterion^0.30.6.0out of date
 tracing^0.10.1.41up to date

Security Vulnerabilities

lru: Use after free in lru crate

RUSTSEC-2021-0130

Lru crate has use after free vulnerability.

Lru crate has two functions for getting an iterator. Both iterators give references to key and value. Calling specific functions, like pop(), will remove and free the value, and but it's still possible to access the reference of value which is already dropped causing use after free.