This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate lenna_cli

Dependencies

(12 total, 9 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 libloading^0.70.8.6out of date
 structopt^0.30.3.26up to date
 image^0.240.25.5out of date
 pyo3^0.160.23.3out of date
 ndarray^0.150.16.1out of date
 nshare^0.90.10.0out of date
 numpy^0.160.23.0out of date
 pythonize^0.160.23.0out of date
 serde^1.01.0.216up to date
 serde_json^1.01.0.134up to date
 serde_yaml ⚠️^0.80.9.34+deprecatedout of date
 zip^0.62.2.2out of date

Security Vulnerabilities

serde_yaml: Uncontrolled recursion leads to abort in deserialization

RUSTSEC-2018-0005

Affected versions of this crate did not properly check for recursion while deserializing aliases.

This allows an attacker to make a YAML file with an alias referring to itself causing an abort.

The flaw was corrected by checking the recursion depth.