This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate cargo-generate

Dependencies

(33 total, 1 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 clap~4.54.5.7up to date
 git2~0.180.18.3up to date
 auth-git2~0.50.5.4up to date
 console~0.150.15.8up to date
 dialoguer~0.110.11.0up to date
 indicatif~0.170.17.8up to date
 tempfile~3.103.10.1up to date
 regex~1.101.10.5up to date
 heck~0.50.5.0up to date
 walkdir~2.52.5.0up to date
 remove_dir_all~0.80.8.2up to date
 ignore~0.40.4.22up to date
 anyhow~1.01.0.86up to date
 toml~0.80.8.14up to date
 thiserror~1.01.0.61up to date
 home~0.50.5.9up to date
 sanitize-filename~0.50.5.0up to date
 rhai~1.181.18.0up to date
 path-absolutize~3.13.1.1up to date
 gix-config~0.360.37.0out of date
 paste~1.01.0.15up to date
 names~0.140.14.0up to date
 log~0.40.4.21up to date
 env_logger~0.110.11.3up to date
 indexmap~22.2.6up to date
 fs-err^2.112.11.0up to date
 liquid~0.260.26.6up to date
 liquid-core~0.260.26.6up to date
 liquid-lib~0.260.26.6up to date
 liquid-derive~0.260.26.5up to date
 openssl ⚠️~0.100.10.64maybe insecure
 semver~1.01.0.23up to date
 serde~1.01.0.203up to date

Dev dependencies

(5 total, all up-to-date)

CrateRequiredLatestStatus
 predicates~3.13.1.0up to date
 assert_cmd~2.02.0.14up to date
 indoc~2.02.0.5up to date
 url~2.52.5.1up to date
 bstr~1.91.9.1up to date

Security Vulnerabilities

openssl: `openssl` `X509VerifyParamRef::set_host` buffer over-read

RUSTSEC-2023-0044

When this function was passed an empty string, openssl would attempt to call strlen on it, reading arbitrary memory until it reached a NUL byte.