This project might be open to known security vulnerabilities , which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom .
Crate databend-binaries
Dependencies (3 total, all up-to-date)
Crate Required Latest Status limits-rs ^0.2.0
0.2.0
up to date sentry ^0.32.2
0.32.3
up to date url ^2.3.1
2.5.0
up to date
Crate databend-common-arrow
Dependencies (28 total, 5 outdated)
Dev dependencies (7 total, 2 outdated, 1 possibly insecure)
Crate databend-common-auth
Dependencies (2 total, 2 outdated)
Crate Required Latest Status base64 ^0.21.0
0.22.0
out of date http ^0.2
1.1.0
out of date
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status tempfile ^3.4.0
3.10.1
up to date
Crate databend-common-base
Dependencies (11 total, 2 outdated)
Crate databend-common-building
Dependencies (4 total, 3 outdated)
Crate databend-common-cache
Dependencies (2 total, 1 outdated)
Crate Required Latest Status hashbrown ^0.14.3
0.14.3
up to date hashlink ^0.8
0.9.0
out of date
Crate databend-common-cloud-control
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status tower ^0.4
0.4.13
up to date
Build dependencies (1 total, all up-to-date)
Crate databend-common-compress
Dependencies (2 total, 1 outdated)
Dev dependencies (1 total, 1 outdated)
Crate Required Latest Status env_logger ^0.10
0.11.3
out of date
Crate databend-common-exception
Dependencies (3 total, 2 outdated)
Crate Required Latest Status http ^0.2
1.1.0
out of date paste ^1.0.9
1.0.14
up to date tantivy ^0.21.1
0.22.0
out of date
Crate databend-common-grpc
Dependencies (3 total, 2 outdated)
Crate databend-common-hashtable
Dependencies (2 total, all up-to-date)
Crate Required Latest Status ahash ^0.8.2
0.8.11
up to date cfg-if ^1.0.0
1.0.0
up to date
Crate databend-common-http
Dependencies (1 total, all up-to-date)
Crate Required Latest Status tempfile ^3.4.0
3.10.1
up to date
Dev dependencies (1 total, all up-to-date)
Crate databend-common-io
Dependencies (4 total, 1 outdated)
Dev dependencies (2 total, all up-to-date)
Crate databend-common-metrics
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status tokio ^1.26.0
1.37.0
up to date
Crate databend-common-openai
No external dependencies! 🙌
Crate databend-common-tracing
Dependencies (11 total, 3 outdated)
Crate databend-common-storage
Dependencies (2 total, 1 outdated)
Crate Required Latest Status flagset ^0.4
0.4.5
up to date metrics ^0.20.1
0.22.3
out of date
Crate databend-common-vector
Dependencies (1 total, all up-to-date)
Crate Required Latest Status ndarray ^0.15.6
0.15.6
up to date
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status approx ^0.5.1
0.5.1
up to date
Crate databend-common-license
Dependencies (3 total, 3 outdated)
Crate databend-common-ast
Dependencies (13 total, 6 outdated)
Dev dependencies (3 total, 1 outdated)
Crate databend-codegen
No external dependencies! 🙌
Crate databend-common-config
Dependencies (2 total, 1 outdated)
Crate Required Latest Status hex ^0.4.3
0.4.3
up to date strum ^0.24.1
0.26.2
out of date
Dev dependencies (1 total, all up-to-date)
Crate databend-common-constraint
Dependencies (1 total, all up-to-date)
Crate Required Latest Status z3 ^0.12.1
0.12.1
up to date
Dev dependencies (2 total, 1 outdated)
Crate databend-common-catalog
Dependencies (4 total, all up-to-date)
Crate Required Latest Status dyn-clone ^1.0.9
1.0.17
up to date sha2 ^0.10.6
0.10.8
up to date thrift ^0.17.0
0.17.0
up to date xorf ^0.11.0
0.11.0
up to date
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status goldenfile ^1.4
1.7.1
up to date
Crate databend-common-sharing
Dependencies (2 total, 1 outdated)
Crate Required Latest Status http ^0.2
1.1.0
out of date moka ^0.12
0.12.7
up to date
Crate databend-sharing-endpoint
Dependencies (2 total, 1 outdated)
Crate Required Latest Status time ^0.3
0.3.36
up to date base64 ^0.21.0
0.22.0
out of date
Crate databend-common-datavalues
Dependencies (2 total, 1 outdated)
Crate databend-common-expression
Dependencies (15 total, 6 outdated)
Dev dependencies (3 total, all up-to-date)
Crate databend-common-formats
Dependencies (9 total, 2 outdated)
Dev dependencies (1 total, all up-to-date)
Crate databend-common-functions
Dependencies (25 total, 5 outdated)
Dev dependencies (2 total, 1 outdated)
Crate databend-common-management
Dependencies (1 total, all up-to-date)
Crate Required Latest Status serde ^1.0.150
1.0.198
up to date
Dev dependencies (1 total, 1 outdated)
Crate Required Latest Status mockall ^0.11.2
0.12.1
out of date
Crate databend-common-pipeline-core
Dependencies (1 total, all up-to-date)
Crate Required Latest Status petgraph ^0.6.2
0.6.4
up to date
Crate databend-common-pipeline-sinks
Dependencies (1 total, 1 outdated)
Crate databend-common-pipeline-sources
Dependencies (4 total, 1 outdated)
Crate databend-common-pipeline-transforms
No external dependencies! 🙌
Crate databend-common-script
Dev dependencies (2 total, all up-to-date)
Crate databend-common-settings
Dependencies (2 total, all up-to-date)
Crate Required Latest Status num_cpus ^1.13.1
1.16.0
up to date sys-info ^0.9
0.9.1
up to date
Crate databend-common-sql
Dependencies (16 total, 4 outdated)
Crate databend-storages-common-blocks
No external dependencies! 🙌
Crate databend-storages-common-cache
Dependencies (4 total, 1 outdated)
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status tempfile ^3.4.0
3.10.1
up to date
Crate databend-storages-common-cache-manager
No external dependencies! 🙌
Crate databend-storages-common-index
Dependencies (2 total, 1 outdated)
Crate Required Latest Status cbordata ^0.6.0
0.6.0
up to date tantivy ^0.21.1
0.22.0
out of date
Dev dependencies (1 total, 1 outdated)
Crate Required Latest Status criterion ^0.4
0.5.1
out of date
Crate databend-storages-common-pruner
No external dependencies! 🙌
Crate databend-storages-common-table-meta
Dependencies (6 total, 2 outdated)
Dev dependencies (1 total, 1 outdated)
Crate Required Latest Status pot ^2.0.0
3.0.0
out of date
Crate databend-common-storages-delta
Dependencies (7 total, all up-to-date)
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status maplit ^1.0.2
1.0.2
up to date
Crate databend-common-storages-factory
No external dependencies! 🙌
Crate databend-common-storages-fuse
Dependencies (14 total, 5 outdated)
Dev dependencies (1 total, 1 outdated)
Crate Required Latest Status criterion ^0.4
0.5.1
out of date
Crate databend-common-storages-hive
Dependencies (4 total, 1 outdated)
Crate databend-common-storages-iceberg
Dependencies (1 total, all up-to-date)
Crate Required Latest Status icelake ^0.0.10
0.0.10
up to date
Crate databend-common-storages-information-schema
No external dependencies! 🙌
Crate databend-common-storages-memory
No external dependencies! 🙌
Crate databend-common-storages-null
No external dependencies! 🙌
Crate databend-common-storages-random
No external dependencies! 🙌
Crate databend-common-storages-share
Dev dependencies (2 total, all up-to-date)
Crate databend-common-storages-stage
Dependencies (3 total, all up-to-date)
Crate databend-common-storages-stream
No external dependencies! 🙌
Crate databend-common-storages-system
Dependencies (2 total, all up-to-date)
Crate databend-common-storages-view
No external dependencies! 🙌
Crate databend-common-storages-parquet
Dependencies (1 total, all up-to-date)
Crate Required Latest Status thrift ^0.17.0
0.17.0
up to date
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status tempfile ^3.4.0
3.10.1
up to date
Crate databend-common-storages-result-cache
Dependencies (1 total, all up-to-date)
Crate Required Latest Status sha2 ^0.10.6
0.10.8
up to date
Crate databend-common-users
Dependencies (5 total, 2 outdated)
Crate Required Latest Status base64 ^0.21
0.22.0
out of date cidr ^0.2.2
0.2.2
up to date jwt-simple ^0.11
0.12.9
out of date p256 ^0.13
0.13.2
up to date passwords ^3.1.16
3.1.16
up to date
Dev dependencies (2 total, 1 outdated)
Crate databend-enterprise-vacuum-handler
No external dependencies! 🙌
Crate databend-enterprise-background-service
No external dependencies! 🙌
Crate databend-enterprise-aggregating-index
No external dependencies! 🙌
Crate databend-enterprise-data-mask-feature
No external dependencies! 🙌
Crate databend-enterprise-storage-encryption
No external dependencies! 🙌
Crate databend-enterprise-stream-handler
No external dependencies! 🙌
Crate databend-query
Dependencies (37 total, 18 outdated, 1 possibly insecure)
Dev dependencies (15 total, 4 outdated)
Crate databend-enterprise-query
Dependencies (2 total, 1 outdated)
Crate Required Latest Status jwt-simple ^0.11.0
0.12.9
out of date tempfile ^3.4.0
3.10.1
up to date
Crate databend-common-meta-api
Dependencies (1 total, all up-to-date)
Crate Required Latest Status maplit ^1.0.2
1.0.2
up to date
Crate databend-common-meta-app
Dependencies (8 total, 1 outdated)
Crate Required Latest Status cron ^0.12.0
0.12.1
up to date hex ^0.4.3
0.4.3
up to date maplit ^1.0.2
1.0.2
up to date num-derive ^0.3.3
0.4.2
out of date num-traits ^0.2.15
0.2.18
up to date paste ^1.0.9
1.0.14
up to date sha1 ^0.10.5
0.10.6
up to date sha2 ^0.10.6
0.10.8
up to date
Crate databend-common-meta-embedded
Dependencies (1 total, all up-to-date)
Crate Required Latest Status tempfile ^3.4.0
3.10.1
up to date
Crate databend-common-meta-kvapi
No external dependencies! 🙌
Crate databend-common-meta-process
No external dependencies! 🙌
Crate databend-common-meta-raft-store
Dependencies (3 total, 1 outdated)
Crate Required Latest Status hostname ^0.3.1
0.4.0
out of date maplit ^1.0.2
1.0.2
up to date num ^0.4.0
0.4.2
up to date
Dev dependencies (3 total, 1 outdated)
Crate databend-common-meta-sled-store
Dependencies (1 total, all up-to-date)
Crate Required Latest Status tempfile ^3.4.0
3.10.1
up to date
Dev dependencies (2 total, 1 outdated)
Crate databend-common-meta-stoerr
No external dependencies! 🙌
Crate databend-common-meta-store
No external dependencies! 🙌
Crate databend-common-meta-types
Dependencies (2 total, 1 outdated)
Crate databend-enterprise-meta
No external dependencies! 🙌
Crate databend-common-proto-conv
Dependencies (1 total, all up-to-date)
Crate Required Latest Status num ^0.4.0
0.4.2
up to date
Dev dependencies (3 total, all up-to-date)
Crate databend-common-protos
Dependencies (2 total, 1 outdated)
Build dependencies (1 total, all up-to-date)
Crate databend-meta
Dependencies (3 total, all up-to-date)
Dev dependencies (6 total, 2 outdated)
Crate databend-sqllogictests
Dependencies (3 total, 2 outdated)
Crate bendpy
Dependencies (2 total, 1 outdated)
Crate Required Latest Status ctor ^0.2.5
0.2.8
up to date pyo3 ^0.20
0.21.2
out of date
Build dependencies (1 total, 1 outdated)
Crate databend-sqlsmith
Dependencies (6 total, 3 outdated)
Crate databend-common-meta-client
No external dependencies! 🙌
Crate databend-storages-common-txn
Dependencies (1 total, all up-to-date)
Crate Required Latest Status serde ^1.0.194
1.0.198
up to date
Crate databend-enterprise-inverted-index
No external dependencies! 🙌
Crate databend-enterprise-virtual-column
No external dependencies! 🙌
Security Vulnerabilities tokio
: reject_remote_clients Configuration corruptionRUSTSEC-2023-0001
On Windows, configuring a named pipe server with pipe_mode will force ServerOptions ::reject_remote_clients as false
.
This drops any intended explicit configuration for the reject_remote_clients that may have been set as true
previously.
The default setting of reject_remote_clients is normally true
meaning the default is also overridden as false
.
Workarounds
Ensure that pipe_mode is set first after initializing a ServerOptions . For example:
let mut opts = ServerOptions::new();
opts.pipe_mode(PipeMode::Message);
opts.reject_remote_clients(true);
Patched
>=1.18.4, <1.19.0
>=1.20.3, <1.21.0
>=1.23.1
rustls
: `rustls::ConnectionCommon::complete_io` could fall into an infinite loop based on network inputRUSTSEC-2024-0336
If a close_notify
alert is received during a handshake, complete_io
does not terminate.
Callers which do not call complete_io
are not affected.
rustls-tokio
and rustls-ffi
do not call complete_io
and are not affected.
rustls::Stream
and rustls::StreamOwned
types use
complete_io
and are affected.
Patched
>=0.23.5
>=0.22.4, <0.23.0
>=0.21.11, <0.22.0