exonum / exonum

This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate `exonum-cli`

Dependencies

(8 total, 1 outdated)

Crate	Required	Latest	Status
anyhow	`^1`	`1.0.98`	up to date
log	`^0.4`	`0.4.27`	up to date
rpassword	`^7`	`7.4.0`	up to date
serde	`^1.0`	`1.0.219`	up to date
structopt	`^0.3`	`0.3.26`	up to date
tempfile	`^3.2`	`3.20.0`	up to date
toml	`^0.7`	`0.8.23`	out of date
zeroize	`^1`	`1.8.1`	up to date

Dev dependencies

(5 total, 1 outdated, 1 possibly insecure)

Crate	Required	Latest	Status
futures	`^0.3`	`0.3.31`	up to date
lazy_static	`^1.4`	`1.5.0`	up to date
pretty_assertions	`^1`	`1.4.1`	up to date
reqwest	`^0.11`	`0.12.22`	out of date
tokio ⚠️	`^1`	`1.45.1`	maybe insecure

Crate `exonum`

Dependencies

(12 total, 2 outdated, 1 possibly insecure)

Crate	Required	Latest	Status
anyhow	`^1`	`1.0.98`	up to date
log	`^0.4`	`0.4.27`	up to date
hex	`^0.4`	`0.4.3`	up to date
serde	`^1`	`1.0.219`	up to date
serde_str	`^0.1`	`0.1.0`	up to date
env_logger	`^0.10`	`0.11.8`	out of date
futures	`^0.3`	`0.3.31`	up to date
os_info	`^3`	`3.12.0`	up to date
protobuf ⚠️	`^3`	`3.7.2`	maybe insecure
semver	`^1`	`1.0.26`	up to date
thiserror	`^1`	`2.0.12`	out of date
time	`^0.3`	`0.3.41`	up to date

Dev dependencies

(7 total, 4 outdated)

Crate	Required	Latest	Status
assert_matches	`^1.3`	`1.5.0`	up to date
bincode	`^1.3`	`2.0.1`	out of date
bit-vec	`^0.6`	`0.8.0`	out of date
criterion	`^0.4`	`0.6.0`	out of date
pretty_assertions	`^1`	`1.4.1`	up to date
rand	`^0.8`	`0.9.1`	out of date
serde_json	`^1.0`	`1.0.140`	up to date

Crate `exonum-node`

Dependencies

(20 total, 4 outdated, 3 possibly insecure)

Crate	Required	Latest	Status
anyhow	`^1.0`	`1.0.98`	up to date
async-trait	`^0.1`	`0.1.88`	up to date
bit-vec	`^0.6`	`0.8.0`	out of date
byteorder	`^1.4`	`1.5.0`	up to date
bytes	`^1`	`1.10.1`	up to date
futures	`^0.3`	`0.3.31`	up to date
futures-retry	`^0.6`	`0.6.0`	up to date
log	`^0.4.6`	`0.4.27`	up to date
protobuf ⚠️	`^3`	`3.7.2`	maybe insecure
rand	`^0.8`	`0.9.1`	out of date
serde	`^1.0`	`1.0.219`	up to date
serde_derive	`^1.0`	`1.0.219`	up to date
snow ⚠️	`^0.9`	`0.9.6`	maybe insecure
socket2	`^0.4`	`0.5.10`	out of date
thiserror	`^1.0`	`2.0.12`	out of date
time	`^0.3`	`0.3.41`	up to date
tokio-stream	`^0.1`	`0.1.17`	up to date
tokio-util	`^0.7`	`0.7.15`	up to date
exonum_sodiumoxide	`^0.0.24`	`0.0.24`	up to date
tokio ⚠️	`^1`	`1.45.1`	maybe insecure

Dev dependencies

(6 total, 3 outdated)

Crate	Required	Latest	Status
bincode	`^1.3`	`2.0.1`	out of date
criterion	`^0.4`	`0.6.0`	out of date
hex	`^0.4`	`0.4.3`	up to date
pretty_assertions	`^1`	`1.4.1`	up to date
serde_json	`^1.0`	`1.0.140`	up to date
toml	`^0.7.2`	`0.8.23`	out of date

Crate `exonum-cryptocurrency`

Dependencies

(4 total, 1 possibly insecure)

Crate	Required	Latest	Status
anyhow	`^1`	`1.0.98`	up to date
protobuf ⚠️	`^3`	`3.7.2`	maybe insecure
serde	`^1`	`1.0.219`	up to date
serde_json	`^1`	`1.0.140`	up to date

Dev dependencies

(3 total, 1 outdated, 1 possibly insecure)

Crate	Required	Latest	Status
pretty_assertions	`^1`	`1.4.1`	up to date
rand	`^0.8`	`0.9.1`	out of date
tokio ⚠️	`^1`	`1.45.1`	maybe insecure

Crate `exonum-cryptocurrency-advanced`

Dependencies

(4 total, 2 possibly insecure)

Crate	Required	Latest	Status
anyhow	`^1`	`1.0.98`	up to date
protobuf ⚠️	`^3`	`3.7.2`	maybe insecure
serde	`^1`	`1.0.219`	up to date
tokio ⚠️	`^1`	`1.45.1`	maybe insecure

Dev dependencies

(4 total, 2 outdated)

Crate	Required	Latest	Status
bincode	`^1.3`	`2.0.1`	out of date
hex	`^0.4`	`0.4.3`	up to date
rand	`^0.8`	`0.9.1`	out of date
serde_json	`^1.0`	`1.0.140`	up to date

Crate `exonum-sample-runtime`

Dependencies

(2 total, 1 possibly insecure)

Crate	Required	Latest	Status
futures	`^0.3`	`0.3.31`	up to date
tokio ⚠️	`^1`	`1.45.1`	maybe insecure

Crate `exonum-timestamping`

Dependencies

(7 total, 2 possibly insecure)

Crate	Required	Latest	Status
anyhow	`^1`	`1.0.98`	up to date
log	`^0.4`	`0.4.27`	up to date
protobuf ⚠️	`^3`	`3.7.2`	maybe insecure
serde	`^1`	`1.0.219`	up to date
serde_json	`^1`	`1.0.140`	up to date
time	`^0.3`	`0.3.41`	up to date
tokio ⚠️	`^1`	`1.45.1`	maybe insecure

Crate `exonum-explorer-service`

Dependencies

(12 total, 1 outdated)

Crate	Required	Latest	Status
actix	`^0.13`	`0.13.5`	up to date
actix_derive	`^0.6`	`0.6.2`	up to date
actix-web	`^4.1`	`4.11.0`	up to date
actix-web-actors	`^4.1`	`4.3.1+deprecated`	up to date
anyhow	`^1.0`	`1.0.98`	up to date
futures	`^0.3.4`	`0.3.31`	up to date
hex	`^0.4.0`	`0.4.3`	up to date
log	`^0.4.6`	`0.4.27`	up to date
rand	`^0.8`	`0.9.1`	out of date
serde	`^1.0`	`1.0.219`	up to date
serde_derive	`^1.0`	`1.0.219`	up to date
serde_json	`^1.0`	`1.0.140`	up to date

Dev dependencies

(4 total, 2 outdated, 1 possibly insecure)

Crate	Required	Latest	Status
assert_matches	`^1.3.0`	`1.5.0`	up to date
tokio-tungstenite	`^0.18`	`0.27.0`	out of date
reqwest	`^0.11`	`0.12.22`	out of date
tokio ⚠️	`^1`	`1.45.1`	maybe insecure

Crate `exonum-middleware-service`

Dependencies

(5 total, 1 possibly insecure)

Crate	Required	Latest	Status
anyhow	`^1.0`	`1.0.98`	up to date
protobuf ⚠️	`^3`	`3.7.2`	maybe insecure
semver	`^1.0`	`1.0.26`	up to date
serde	`^1.0`	`1.0.219`	up to date
serde_derive	`^1.0`	`1.0.219`	up to date

Dev dependencies

(1 total, all up-to-date)

Crate	Required	Latest	Status
serde_json	`^1.0`	`1.0.140`	up to date

Crate `exonum-time`

Dependencies

(7 total, 1 possibly insecure)

Crate	Required	Latest	Status
anyhow	`^1.0`	`1.0.98`	up to date
futures	`^0.3.4`	`0.3.31`	up to date
protobuf ⚠️	`^3`	`3.7.2`	maybe insecure
serde	`^1.0`	`1.0.219`	up to date
serde_derive	`^1.0`	`1.0.219`	up to date
serde_json	`^1.0`	`1.0.140`	up to date
time	`^0.3`	`0.3.41`	up to date

Dev dependencies

(3 total, 1 outdated, 1 possibly insecure)

Crate	Required	Latest	Status
bincode	`^1.3`	`2.0.1`	out of date
pretty_assertions	`^1`	`1.4.1`	up to date
tokio ⚠️	`^1`	`1.45.1`	maybe insecure

Crate `exonum-supervisor`

Dependencies

(10 total, 1 outdated, 1 possibly insecure)

Crate	Required	Latest	Status
anyhow	`^1.0`	`1.0.98`	up to date
base64	`^0.13.0`	`0.22.1`	out of date
byteorder	`^1.3`	`1.5.0`	up to date
futures	`^0.3`	`0.3.31`	up to date
serde	`^1.0`	`1.0.219`	up to date
serde_derive	`^1.0`	`1.0.219`	up to date
serde_json	`^1.0`	`1.0.140`	up to date
serde_str	`^0.1.0`	`0.1.0`	up to date
protobuf ⚠️	`^3`	`3.7.2`	maybe insecure
log	`^0.4.6`	`0.4.27`	up to date

Dev dependencies

(1 total, 1 possibly insecure)

Crate	Required	Latest	Status
tokio ⚠️	`^1`	`1.45.1`	maybe insecure

Crate `exonum-testkit`

Dependencies

(12 total, 1 outdated, 2 possibly insecure)

Crate	Required	Latest	Status
actix	`^0.13`	`0.13.5`	up to date
actix-test	`^0.1`	`0.1.5`	up to date
actix-web	`^4`	`4.11.0`	up to date
futures	`^0.3`	`0.3.31`	up to date
log	`^0.4`	`0.4.27`	up to date
protobuf ⚠️	`^3`	`3.7.2`	maybe insecure
reqwest	`^0.11`	`0.12.22`	out of date
serde	`^1`	`1.0.219`	up to date
serde_json	`^1`	`1.0.140`	up to date
serde_urlencoded	`^0.7`	`0.7.1`	up to date
time	`^0.3`	`0.3.41`	up to date
tokio ⚠️	`^1`	`1.45.1`	maybe insecure

Dev dependencies

(6 total, 2 outdated)

Crate	Required	Latest	Status
assert_matches	`^1`	`1.5.0`	up to date
bincode	`^1`	`2.0.1`	out of date
hex	`^0.4`	`0.4.3`	up to date
lazy_static	`^1`	`1.5.0`	up to date
pretty_assertions	`^1`	`1.4.1`	up to date
rand	`^0.8`	`0.9.1`	out of date

Crate `exonum-testkit-server`

Dependencies

(1 total, 1 possibly insecure)

Crate	Required	Latest	Status
tokio ⚠️	`^1`	`1.45.1`	maybe insecure

Crate `exonum-rust-runtime-proto-tests`

Dependencies

(7 total, 1 outdated, 1 possibly insecure)

Crate	Required	Latest	Status
anyhow	`^1.0`	`1.0.98`	up to date
bit-vec	`^0.6`	`0.8.0`	out of date
protobuf ⚠️	`^3`	`3.7.2`	maybe insecure
pretty_assertions	`^1`	`1.4.1`	up to date
serde	`^1.0`	`1.0.219`	up to date
serde_derive	`^1.0`	`1.0.219`	up to date
time	`^0.3`	`0.3.41`	up to date

Dev dependencies

(2 total, 1 outdated, 1 possibly insecure)

Crate	Required	Latest	Status
reqwest	`^0.11`	`0.12.22`	out of date
tokio ⚠️	`^1`	`1.45.1`	maybe insecure

Crate `exonum-soak-tests`

Dependencies

(8 total, 2 outdated, 1 possibly insecure)

Crate	Required	Latest	Status
anyhow	`^1`	`1.0.98`	up to date
bincode	`^1`	`2.0.1`	out of date
futures	`^0.3`	`0.3.31`	up to date
log	`^0.4`	`0.4.27`	up to date
reqwest	`^0.11`	`0.12.22`	out of date
serde	`^1`	`1.0.219`	up to date
structopt	`^0.3`	`0.3.26`	up to date
tokio ⚠️	`^1`	`1.45.1`	maybe insecure

Crate `exonum-rust-runtime`

Dependencies

(7 total, 2 possibly insecure)

Crate	Required	Latest	Status
actix-web	`^4.1`	`4.11.0`	up to date
futures	`^0.3`	`0.3.31`	up to date
log	`^0.4`	`0.4.27`	up to date
protobuf ⚠️	`^3`	`3.7.2`	maybe insecure
serde	`^1.0`	`1.0.219`	up to date
serde_derive	`^1.0`	`1.0.219`	up to date
tokio ⚠️	`^1`	`1.45.1`	maybe insecure

Dev dependencies

(8 total, 3 outdated)

Crate	Required	Latest	Status
anyhow	`^1.0`	`1.0.98`	up to date
assert_matches	`^1.3`	`1.5.0`	up to date
bincode	`^1.3`	`2.0.1`	out of date
criterion	`^0.4`	`0.6.0`	out of date
pretty_assertions	`^1`	`1.4.1`	up to date
rand	`^0.8`	`0.9.1`	out of date
serde_json	`^1.0`	`1.0.140`	up to date
tempfile	`^3.2`	`3.20.0`	up to date

Crate `exonum-api`

Dependencies

(12 total, 2 outdated, 1 possibly insecure)

Crate	Required	Latest	Status
actix-cors	`^0.6`	`0.7.1`	out of date
actix-server	`^2.1`	`2.6.0`	up to date
actix-web	`^4.1`	`4.11.0`	up to date
anyhow	`^1.0`	`1.0.98`	up to date
futures	`^0.3`	`0.3.31`	up to date
log	`^0.4`	`0.4.27`	up to date
serde	`^1.0`	`1.0.219`	up to date
serde_json	`^1.0`	`1.0.140`	up to date
serde_urlencoded	`^0.7`	`0.7.1`	up to date
thiserror	`^1.0`	`2.0.12`	out of date
time	`^0.3`	`0.3.41`	up to date
tokio ⚠️	`^1`	`1.45.1`	maybe insecure

Dev dependencies

(2 total, 1 outdated)

Crate	Required	Latest	Status
pretty_assertions	`^1`	`1.4.1`	up to date
toml	`^0.7`	`0.8.23`	out of date

Crate `exonum-build`

Dependencies

(4 total, all up-to-date)

Crate	Required	Latest	Status
protobuf-codegen	`^3`	`3.7.2`	up to date
walkdir	`^2`	`2.5.0`	up to date
quote	`^1`	`1.0.40`	up to date
proc-macro2	`^1`	`1.0.95`	up to date

Crate `exonum-crypto`

Dependencies

(5 total, 1 possibly insecure)

Crate	Required	Latest	Status
anyhow	`^1.0.26`	`1.0.98`	up to date
hex	`^0.4.2`	`0.4.3`	up to date
serde	`^1`	`1.0.219`	up to date
exonum_sodiumoxide	`^0.0.24`	`0.0.24`	up to date
protobuf ⚠️	`^3`	`3.7.2`	maybe insecure

Dev dependencies

(2 total, all up-to-date)

Crate	Required	Latest	Status
serde_json	`^1.0`	`1.0.140`	up to date
tempfile	`^3.2`	`3.20.0`	up to date

Crate `exonum-derive`

Dependencies

(5 total, 2 outdated)

Crate	Required	Latest	Status
darling	`^0.14`	`0.20.11`	out of date
proc-macro2	`^1.0`	`1.0.95`	up to date
quote	`^1.0`	`1.0.40`	up to date
syn	`^1.0`	`2.0.104`	out of date
semver	`^1.0`	`1.0.26`	up to date

Crate `exonum-explorer`

Dependencies

(4 total, all up-to-date)

Crate	Required	Latest	Status
hex	`^0.4.2`	`0.4.3`	up to date
serde	`^1.0`	`1.0.219`	up to date
serde_derive	`^1.0`	`1.0.219`	up to date
time	`^0.3`	`0.3.41`	up to date

Dev dependencies

(2 total, 1 outdated)

Crate	Required	Latest	Status
bincode	`^1.3`	`2.0.1`	out of date
serde_json	`^1.0`	`1.0.140`	up to date

Crate `exonum-keys`

Dependencies

(8 total, 3 outdated)

Crate	Required	Latest	Status
anyhow	`^1.0`	`1.0.98`	up to date
rand	`^0.8`	`0.9.1`	out of date
pwbox	`^0.5`	`0.5.0`	up to date
secrecy	`^0.8`	`0.10.3`	out of date
secret-tree	`^0.5`	`0.5.0`	up to date
serde	`^1.0`	`1.0.219`	up to date
serde_derive	`^1.0`	`1.0.219`	up to date
toml	`^0.7`	`0.8.23`	out of date

Dev dependencies

(4 total, all up-to-date)

Crate	Required	Latest	Status
hex	`^0.4.2`	`0.4.3`	up to date
serde_json	`^1.0`	`1.0.140`	up to date
structopt	`^0.3`	`0.3.26`	up to date
tempfile	`^3.2`	`3.20.0`	up to date

Crate `exonum-merkledb`

Dependencies

(16 total, 3 outdated, 2 possibly insecure)

Crate	Required	Latest	Status
anyhow	`^1.0`	`1.0.98`	up to date
byteorder	`^1.3`	`1.5.0`	up to date
enum-primitive-derive	`^0.2`	`0.3.0`	out of date
im	`^15`	`15.1.0`	up to date
leb128	`^0.2`	`0.2.5`	up to date
num-traits	`^0.2`	`0.2.19`	up to date
protobuf ⚠️	`^3`	`3.7.2`	maybe insecure
rocksdb	`^0.20`	`0.23.0`	out of date
rust_decimal	`^1.0`	`1.37.2`	up to date
serde	`^1.0`	`1.0.219`	up to date
serde_derive	`^1.0`	`1.0.219`	up to date
smallvec ⚠️	`^1.6`	`1.15.1`	maybe insecure
tempfile	`^3.2`	`3.20.0`	up to date
thiserror	`^1.0`	`2.0.12`	out of date
time	`^0.3`	`0.3.41`	up to date
uuid	`^1`	`1.17.0`	up to date

Dev dependencies

(11 total, 4 outdated)

Crate	Required	Latest	Status
assert_matches	`^1.3`	`1.5.0`	up to date
bincode	`^1.3`	`2.0.1`	out of date
criterion	`^0.4`	`0.6.0`	out of date
hex	`^0.4.0`	`0.4.3`	up to date
modifier	`^0.1`	`0.1.0`	up to date
proptest	`^1.0`	`1.7.0`	up to date
pretty_assertions	`^1`	`1.4.1`	up to date
rand	`^0.8`	`0.9.1`	out of date
rand_xorshift	`^0.3.0`	`0.4.0`	out of date
serde_json	`^1.0`	`1.0.140`	up to date
url	`^2.0`	`2.5.4`	up to date

Crate `exonum-proto`

Dependencies

(7 total, 2 outdated, 1 possibly insecure)

Crate	Required	Latest	Status
anyhow	`^1`	`1.0.98`	up to date
base64	`^0.13`	`0.22.1`	out of date
bit-vec	`^0.6`	`0.8.0`	out of date
protobuf ⚠️	`^3`	`3.7.2`	maybe insecure
protobuf-convert	`^0.5`	`0.5.0`	up to date
serde	`^1`	`1.0.219`	up to date
time	`^0.3`	`0.3.41`	up to date

Dev dependencies

(2 total, 1 outdated)

Crate	Required	Latest	Status
rand	`^0.8`	`0.9.1`	out of date
serde_json	`^1`	`1.0.140`	up to date

Crate `exonum-system-api`

Dependencies

(5 total, all up-to-date)

Crate	Required	Latest	Status
actix-web	`^4.1`	`4.11.0`	up to date
futures	`^0.3`	`0.3.31`	up to date
semver	`^1.0`	`1.0.26`	up to date
serde	`^1.0`	`1.0.219`	up to date
serde_derive	`^1.0`	`1.0.219`	up to date

Dev dependencies

(3 total, 1 possibly insecure)

Crate	Required	Latest	Status
anyhow	`^1.0`	`1.0.98`	up to date
pretty_assertions	`^1`	`1.4.1`	up to date
tokio ⚠️	`^1`	`1.45.1`	maybe insecure

Security Vulnerabilities

`smallvec`: Buffer overflow in SmallVec::insert_many

RUSTSEC-2021-0003

A bug in the SmallVec::insert_many method caused it to allocate a buffer that was smaller than needed. It then wrote past the end of the buffer, causing a buffer overflow and memory corruption on the heap.

This bug was only triggered if the iterator passed to insert_many yielded more items than the lower bound returned from its size_hint method.

The flaw was corrected in smallvec 0.6.14 and 1.6.1, by ensuring that additional space is always reserved for each item inserted. The fix also simplified the implementation of insert_many to use less unsafe code, so it is easier to verify its correctness.

Thank you to Yechan Bae (@Qwaz) and the Rust group at Georgia Tech’s SSLab for finding and reporting this bug.

`tokio`: reject_remote_clients Configuration corruption

RUSTSEC-2023-0001

On Windows, configuring a named pipe server with pipe_mode will force ServerOptions::reject_remote_clients as false.

This drops any intended explicit configuration for the reject_remote_clients that may have been set as true previously.

The default setting of reject_remote_clients is normally true meaning the default is also overridden as false.

Workarounds

Ensure that pipe_mode is set first after initializing a ServerOptions. For example:

let mut opts = ServerOptions::new();
opts.pipe_mode(PipeMode::Message);
opts.reject_remote_clients(true);

`snow`: Unauthenticated Nonce Increment in snow

RUSTSEC-2024-0011

There was a logic bug where unauthenticated payloads could still cause a nonce increment in snow's internal state. For an attacker with privileges to inject packets into the channel over which the Noise session operates, this could allow a denial-of-service attack which could prevent message delivery by sending garbage data.

Note that this only affects those who are using the stateful TransportState, not those using StatelessTransportState.

This has been patched in version 0.9.5, and all users are recommended to update.

`protobuf`: Crash due to uncontrolled recursion in protobuf crate

RUSTSEC-2024-0437

Affected version of this crate did not properly parse unknown fields when parsing a user-supplied input.

This allows an attacker to cause a stack overflow when parsing the mssage on untrusted data.

exonum / exonum

Crate exonum-cli

Dependencies

Dev dependencies

Crate exonum

Dependencies

Dev dependencies

Crate exonum-node

Dependencies

Dev dependencies

Crate exonum-cryptocurrency

Dependencies

Dev dependencies

Crate exonum-cryptocurrency-advanced

Dependencies

Dev dependencies

Crate exonum-sample-runtime

Dependencies

Crate exonum-timestamping

Dependencies

Crate exonum-explorer-service

Dependencies

Dev dependencies

Crate exonum-middleware-service

Dependencies

Dev dependencies

Crate exonum-time

Dependencies

Dev dependencies

Crate exonum-supervisor

Dependencies

Dev dependencies

Crate exonum-testkit

Dependencies

Dev dependencies

Crate exonum-testkit-server

Dependencies

Crate exonum-rust-runtime-proto-tests

Dependencies

Dev dependencies

Crate exonum-soak-tests

Dependencies

Crate exonum-rust-runtime

Dependencies

Dev dependencies

Crate exonum-api

Dependencies

Dev dependencies

Crate exonum-build

Dependencies

Crate exonum-crypto

Dependencies

Dev dependencies

Crate exonum-derive

Dependencies

Crate exonum-explorer

Dependencies

Dev dependencies

Crate exonum-keys

Dependencies

Dev dependencies

Crate exonum-merkledb

Dependencies

Dev dependencies

Crate exonum-proto

Dependencies

Dev dependencies

Crate exonum-system-api

Dependencies

Dev dependencies

Security Vulnerabilities

smallvec: Buffer overflow in SmallVec::insert_many

tokio: reject_remote_clients Configuration corruption

Workarounds

snow: Unauthenticated Nonce Increment in snow

protobuf: Crash due to uncontrolled recursion in protobuf crate

Crate `exonum-cli`

Crate `exonum`

Crate `exonum-node`

Crate `exonum-cryptocurrency`

Crate `exonum-cryptocurrency-advanced`

Crate `exonum-sample-runtime`

Crate `exonum-timestamping`

Crate `exonum-explorer-service`

Crate `exonum-middleware-service`

Crate `exonum-time`

Crate `exonum-supervisor`

Crate `exonum-testkit`

Crate `exonum-testkit-server`

Crate `exonum-rust-runtime-proto-tests`

Crate `exonum-soak-tests`

Crate `exonum-rust-runtime`

Crate `exonum-api`

Crate `exonum-build`

Crate `exonum-crypto`

Crate `exonum-derive`

Crate `exonum-explorer`

Crate `exonum-keys`

Crate `exonum-merkledb`

Crate `exonum-proto`

Crate `exonum-system-api`

`smallvec`: Buffer overflow in SmallVec::insert_many

`tokio`: reject_remote_clients Configuration corruption

`snow`: Unauthenticated Nonce Increment in snow

`protobuf`: Crash due to uncontrolled recursion in protobuf crate