This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate starling

Dependencies

(26 total, 3 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 bincode^1.3.31.3.3up to date
 blake2-rfc^0.2.180.2.18up to date
 serde^1.0.1381.0.145up to date
 serde_json^1.0.821.0.85up to date
 ciborium^0.2.00.2.0up to date
 serde_yaml^0.8.240.9.13out of date
 serde-pickle^1.1.11.1.1up to date
 ron^0.7.10.8.0out of date
 groestl^0.10.10.10.1up to date
 openssl^0.10.400.10.42up to date
 tiny-keccak^2.0.22.0.2up to date
 hashbrown^0.12.10.12.3up to date
 rocksdb ⚠️^0.18.00.19.0out of date
 seahash^4.1.04.1.0up to date
 fxhash^0.2.10.2.1up to date
 rand^0.8.50.8.5up to date
 digest^0.10.30.10.5up to date
 blake2^0.10.40.10.4up to date
 md2^0.10.10.10.1up to date
 md4^0.10.10.10.1up to date
 md-5^0.10.10.10.5up to date
 ripemd^0.1.10.1.3up to date
 sha-1^0.10.00.10.0up to date
 sha2^0.10.20.10.6up to date
 sha3^0.10.10.10.5up to date
 whirlpool^0.10.10.10.4up to date

Dev dependencies

(2 total, 1 outdated)

CrateRequiredLatestStatus
 criterion^0.3.50.4.0out of date
 rand^0.8.50.8.5up to date

Security Vulnerabilities

rocksdb: Out-of-bounds read when opening multiple column families with TTL

RUSTSEC-2022-0046

Affected versions of this crate called the RocksDB C API rocksdb_open_column_families_with_ttl() with a pointer to a single integer TTL value, but one TTL value for each column family is expected.

This is only relevant when using rocksdb::DBWithThreadMode::open_cf_descriptors_with_ttl() with multiple column families.

This bug has been fixed in v0.19.0.