This project contains known security vulnerabilities. Find detailed information at the bottom.

Crate zxcvbn

Dependencies

(9 total, 1 insecure)

CrateRequiredLatestStatus
 chrono ⚠️^0.4.70.4.19insecure
 derive_builder^0.10.00.10.2up to date
 fancy-regex^0.7.00.7.1up to date
 itertools^0.10.00.10.1up to date
 lazy_static^1.31.4.0up to date
 quick-error^2.02.0.1up to date
 regex^11.5.4up to date
 serde^11.0.130up to date
 serde_derive^11.0.130up to date

Dev dependencies

(4 total, 1 outdated)

CrateRequiredLatestStatus
 criterion^0.30.3.5up to date
 quickcheck^0.9.01.0.3out of date
 serde_json^11.0.72up to date
 wasm-bindgen-test^0.30.3.28up to date

Security Vulnerabilities

chrono: Potential segfault in `localtime_r` invocations

RUSTSEC-2020-0159

Impact

Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library.

Workarounds

No workarounds are known.

References