Deps.rs

CrossEyedCat / RustDB

[![dependency status](https://deps.rs/repo/github/CrossEyedCat/RustDB/status.svg)](https://deps.rs/repo/github/CrossEyedCat/RustDB)

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate rustdb

Dependencies

(30 total, 1 possibly insecure)

CrateRequiredLatestStatus
 serde^1.01.0.228up to date
 serde_json^1.01.0.149up to date
 bincode-next^2.1.02.1.0up to date
 tokio^1.23.11.52.1up to date
 anyhow^1.01.0.102up to date
 thiserror^2.02.0.18up to date
 clap^4.04.6.1up to date
 log^0.40.4.29up to date
 env_logger^0.110.11.10up to date
 tracing^0.10.1.44up to date
 tracing-subscriber^0.3.200.3.23up to date
 tracing-chrome^0.70.7.2up to date
 tracing-log^0.20.2.0up to date
 memmap2^0.90.9.10up to date
 crossbeam^0.80.8.4up to date
 dashmap^6.16.1.0up to date
 parking_lot^0.120.12.5up to date
 lz4_flex^0.130.13.0up to date
 twox-hash=2.1.22.1.2up to date
 indexmap^2.132.14.0up to date
 uuid^1.01.23.1up to date
 lazy_static^1.41.5.0up to date
 toml^1.01.1.2+spec-1.1.0up to date
 rayon^1.101.12.0up to date
 quinn^0.110.11.9up to date
 postcard^1.11.1.3up to date
 rustls ⚠️^0.230.23.38maybe insecure
 rcgen^0.14.70.14.7up to date
 criterion^0.80.8.2up to date
 io-uring^0.70.7.12up to date

Dev dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 criterion^0.80.8.2up to date
 loom^0.7.20.7.2up to date
 tempfile^3.83.27.0up to date
 rand^0.10.10.10.1up to date

Security Vulnerabilities

rustls: rustls network-reachable panic in `Acceptor::accept`

RUSTSEC-2024-0399

A bug introduced in rustls 0.23.13 leads to a panic if the received TLS ClientHello is fragmented. Only servers that use rustls::server::Acceptor::accept() are affected.

Servers that use tokio-rustls's LazyConfigAcceptor API are affected.

Servers that use tokio-rustls's TlsAcceptor API are not affected.

Servers that use rustls-ffi's rustls_acceptor_accept API are affected.