Deps.rs

containerd / rust-extensions

[![dependency status](https://deps.rs/repo/github/containerd/rust-extensions/status.svg)](https://deps.rs/repo/github/containerd/rust-extensions)

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate containerd-client

Dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 hyper-util^0.1.60.1.10up to date

Crate containerd-shim-logging

No external dependencies! 🙌

Crate runc

Dependencies

(2 total, all up-to-date)

CrateRequiredLatestStatus
 path-absolutize^3.0.113.1.1up to date
 tokio-pipe^0.2.100.2.12up to date

Crate containerd-runc-shim

No external dependencies! 🙌

Crate containerd-shim

Dependencies

(8 total, all up-to-date)

CrateRequiredLatestStatus
 which^7.0.17.0.2up to date
 go-flag^0.1.00.1.0up to date
 lazy_static^1.4.01.5.0up to date
 sha2^0.10.20.10.8up to date
 page_size^0.6.00.6.0up to date
 signal-hook^0.3.130.3.17up to date
 tracing^0.10.1.41up to date
 signal-hook-tokio^0.3.10.3.1up to date

Crate containerd-shim-protos

Dependencies

(2 total, 1 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 protobuf ⚠️>=3.0, <3.5.03.7.2out of date
 ttrpc^0.8.30.8.4up to date

Dev dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 ctrlc^3.03.4.5up to date

Build dependencies

(1 total, 1 outdated)

CrateRequiredLatestStatus
 ttrpc-codegen^0.4.20.5.0out of date

Crate containerd-snapshots

Dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 async-stream^0.3.30.3.6up to date
 pin-utils^0.1.00.1.0up to date
 tokio-stream^0.1.80.1.17up to date

Security Vulnerabilities

protobuf: Crash due to uncontrolled recursion in protobuf crate

RUSTSEC-2024-0437

Affected version of this crate did not properly parse unknown fields when parsing a user-supplied input.

This allows an attacker to cause a stack overflow when parsing the mssage on untrusted data.