Deps.rs

wasmtime-environ 0.15.0

[![dependency status](https://deps.rs/crate/wasmtime-environ/0.15.0/status.svg)](https://deps.rs/crate/wasmtime-environ/0.15.0)

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate wasmtime-environ

Dependencies

(22 total, 16 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 anyhow^1.01.0.98up to date
 base64^0.12.00.22.1out of date
 bincode^1.1.42.0.1out of date
 cranelift-codegen ⚠️^0.62.00.121.1out of date
 cranelift-entity^0.62.00.121.1out of date
 cranelift-wasm^0.62.00.112.3out of date
 directories^2.0.16.0.0out of date
 errno^0.2.40.3.13out of date
 file-per-thread-logger^0.1.10.2.0out of date
 indexmap^1.0.22.10.0out of date
 libc^0.2.600.2.174up to date
 lightbeam^0.15.00.30.0out of date
 log^0.4.80.4.27up to date
 more-asserts^0.2.10.3.1out of date
 rayon^1.2.11.10.0up to date
 serde^1.0.941.0.219up to date
 sha2^0.8.00.10.9out of date
 thiserror^1.0.42.0.12out of date
 toml^0.5.50.8.23out of date
 wasmparser^0.51.20.235.0out of date
 winapi^0.3.70.3.9up to date
 zstd^0.50.13.3out of date

Dev dependencies

(7 total, 4 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 cranelift-codegen ⚠️^0.62.00.121.1out of date
 filetime^0.2.70.2.25up to date
 lazy_static^1.3.01.5.0up to date
 pretty_env_logger^0.4.00.5.0out of date
 rand^0.7.00.9.1out of date
 target-lexicon^0.10.00.13.2out of date
 tempfile^33.20.0up to date

Security Vulnerabilities

cranelift-codegen: Memory access due to code generation flaw in Cranelift module

RUSTSEC-2021-0067

There is a bug in 0.73.0 of the Cranelift x64 backend that can create a scenario that could result in a potential sandbox escape in a WebAssembly module. Users of versions 0.73.0 of Cranelift should upgrade to either 0.73.1 or 0.74 to remediate this vulnerability. Users of Cranelift prior to 0.73.0 should update to 0.73.1 or 0.74 if they were not using the old default backend.

More details can be found in the GitHub Security Advisory at:

https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-hpqh-2wqx-7qp5