This project might be open to known security vulnerabilities , which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom .
Crate rocksdb
Dependencies (2 total, all up-to-date)
Crate Required Latest Status libc ^0.2
0.2.154
up to date serde ^1
1.0.200
up to date
Dev dependencies (5 total, all up-to-date)
Crate librocksdb-sys
Dependencies (6 total, 1 possibly insecure)
Dev dependencies (2 total, all up-to-date)
Crate Required Latest Status const-cstr ^0.3
0.3.0
up to date uuid ^1.0
1.8.0
up to date
Build dependencies (4 total, 1 outdated)
Crate Required Latest Status cc ^1.0
1.0.96
up to date bindgen ^0.64
0.69.4
out of date glob ^0.3
0.3.1
up to date pkg-config ^0.3
0.3.30
up to date
Security Vulnerabilities lz4-sys
: Memory corruption in liblz4RUSTSEC-2022-0051
lz4-sys up to v1.9.3 bundles a version of liblz4 that is vulnerable to
CVE-2021-3520 .
Attackers could craft a payload that triggers an integer overflow upon
decompression, causing an out-of-bounds write.
The flaw has been corrected in version v1.9.4 of liblz4, which is included
in lz4-sys 1.9.4.