Affected versions of this crate use orderings which are too weak to support this data structure. It is likely this has caused memory corruption in the wild: https://github.com/crossbeam-rs/crossbeam/issues/97#issuecomment-412785919.
This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.
wayland-client(6 total, 5 outdated, 1 possibly insecure)
| Crate | Required | Latest | Status |
|---|---|---|---|
| bitflags | >=0.5.0, <0.8 | 2.6.0 | out of date |
| crossbeam ⚠️ | ^0.2 | 0.8.4 | out of date |
| dlib | ^0.3 | 0.5.2 | out of date |
| lazy_static | >=0.1, <0.3 | 1.5.0 | out of date |
| libc | ^0.2 | 0.2.161 | up to date |
| wayland-sys | ^0.5.7 | 0.31.5 | out of date |
(2 total, 2 outdated)
| Crate | Required | Latest | Status |
|---|---|---|---|
| byteorder | >=0.3, <0.6 | 1.5.0 | out of date |
| tempfile | >=1.1, <3.0 | 3.13.0 | out of date |
crossbeam: `MsQueue` `push`/`pop` use the wrong orderingsAffected versions of this crate use orderings which are too weak to support this data structure. It is likely this has caused memory corruption in the wild: https://github.com/crossbeam-rs/crossbeam/issues/97#issuecomment-412785919.