This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.
bnuuy(17 total, 7 outdated, 1 possibly insecure)
| Crate | Required | Latest | Status |
|---|---|---|---|
| snafu | ^0.7 | 0.8.5 | out of date |
| input_buffer | ^0.5 | 0.5.0 | up to date |
| bytes | ^1.4 | 1.10.1 | up to date |
| amq-protocol | ^7.1 | 8.1.1 | out of date |
| mio | ^0.6 | 1.0.3 | out of date |
| mio-extras | ^2.0 | 2.0.6 | up to date |
| cookie-factory | ^0.3 | 0.3.3 | up to date |
| crossbeam-channel | ^0.5 | 0.5.15 | up to date |
| indexmap | ^2.0 | 2.9.0 | up to date |
| url | ^2.4.0 | 2.5.4 | up to date |
| percent-encoding | ^2.3 | 2.3.1 | up to date |
| tracing | ^0.1.37 | 0.1.41 | up to date |
| rustls ⚠️ | ^0.20 | 0.23.26 | out of date |
| rustls-connector | ^0.16.1 | 0.21.6 | out of date |
| webpki-roots | ^0.22 | 0.26.8 | out of date |
| rustls-native-certs | ^0.6 | 0.8.1 | out of date |
| native-tls | ^0.2.10 | 0.2.14 | up to date |
(3 total, all up-to-date)
| Crate | Required | Latest | Status |
|---|---|---|---|
| uuid | ^1.4 | 1.16.0 | up to date |
| mockstream | ^0.0.3 | 0.0.3 | up to date |
| tracing-subscriber | ^0.3.17 | 0.3.19 | up to date |
(1 total, 1 outdated)
| Crate | Required | Latest | Status |
|---|---|---|---|
| built | ^0.6.1 | 0.7.7 | out of date |
rustls: `rustls::ConnectionCommon::complete_io` could fall into an infinite loop based on network inputIf a close_notify alert is received during a handshake, complete_io
does not terminate.
Callers which do not call complete_io are not affected.
rustls-tokio and rustls-ffi do not call complete_io
and are not affected.
rustls::Stream and rustls::StreamOwned types use
complete_io and are affected.