This project might be open to known security vulnerabilities , which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom .
Crate meilisearch
Dependencies (60 total, 4 outdated, 1 possibly insecure)
Dev dependencies (9 total, all up-to-date)
Build dependencies (9 total, 1 outdated)
Crate meilisearch-types
Dependencies (21 total, 1 outdated, 1 possibly insecure)
Dev dependencies (3 total, all up-to-date)
Crate meilisearch-auth
Dependencies (11 total, 1 outdated)
Crate Required Latest Status base64 ^0.13.1
0.21.0
out of date enum-iterator ^1.1.3
1.2.0
up to date hmac ^0.12.1
0.12.1
up to date rand ^0.8.5
0.8.5
up to date roaring ^0.10.0
0.10.1
up to date serde ^1.0.145
1.0.152
up to date serde_json ^1.0.85
1.0.91
up to date sha2 ^0.10.6
0.10.6
up to date thiserror ^1.0.37
1.0.38
up to date time ^0.3.15
0.3.17
up to date uuid ^1.1.2
1.3.0
up to date
Crate meili-snap
Dependencies (3 total, all up-to-date)
Crate Required Latest Status insta ^1.19.1
1.26.0
up to date md5 ^0.7.0
0.7.0
up to date once_cell ^1.15
1.17.0
up to date
Crate index-scheduler
Dependencies (15 total, 1 outdated)
Dev dependencies (3 total, all up-to-date)
Crate Required Latest Status big_s ^1.0.2
1.0.2
up to date crossbeam ^0.8.2
0.8.2
up to date insta ^1.19.1
1.26.0
up to date
Crate dump
Dependencies (14 total, all up-to-date)
Crate Required Latest Status anyhow ^1.0.65
1.0.68
up to date flate2 ^1.0.22
1.0.25
up to date http ^0.2.8
0.2.8
up to date log ^0.4.17
0.4.17
up to date once_cell ^1.15.0
1.17.0
up to date regex ^1.6.0
1.7.1
up to date roaring ^0.10.0
0.10.1
up to date serde ^1.0.136
1.0.152
up to date serde_json ^1.0.85
1.0.91
up to date tar ^0.4.38
0.4.38
up to date tempfile ^3.3.0
3.3.0
up to date thiserror ^1.0.30
1.0.38
up to date time ^0.3.7
0.3.17
up to date uuid ^1.1.2
1.3.0
up to date
Dev dependencies (2 total, all up-to-date)
Crate Required Latest Status big_s ^1.0.2
1.0.2
up to date maplit ^1.0.2
1.0.2
up to date
Crate file-store
Dependencies (3 total, all up-to-date)
Crate Required Latest Status tempfile ^3.3.0
3.3.0
up to date thiserror ^1.0.30
1.0.38
up to date uuid ^1.1.2
1.3.0
up to date
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status faux ^0.1.8
0.1.9
up to date
Crate permissive-json-pointer
Dependencies (1 total, all up-to-date)
Crate Required Latest Status serde_json ^1.0
1.0.91
up to date
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status big_s ^1.0
1.0.2
up to date
Crate milli
Dependencies (35 total, 2 outdated)
Dev dependencies (5 total, all up-to-date)
Crate Required Latest Status big_s ^1.0.2
1.0.2
up to date insta ^1.21.0
1.26.0
up to date maplit ^1.0.2
1.0.2
up to date md5 ^0.7.0
0.7.0
up to date rand ^0.8.5
0.8.5
up to date
Crate filter-parser
Dependencies (2 total, all up-to-date)
Crate Required Latest Status nom ^7.1.1
7.1.3
up to date nom_locate ^4.0.0
4.1.0
up to date
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status insta ^1.21.0
1.26.0
up to date
Crate flatten-serde-json
Dependencies (1 total, all up-to-date)
Crate Required Latest Status serde_json ^1.0
1.0.91
up to date
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status criterion ^0.4.0
0.4.0
up to date
Crate json-depth-checker
Dependencies (1 total, all up-to-date)
Crate Required Latest Status serde_json ^1.0
1.0.91
up to date
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status criterion ^0.4.0
0.4.0
up to date
Crate benchmarks
Dependencies (4 total, all up-to-date)
Crate Required Latest Status anyhow ^1.0.65
1.0.68
up to date csv ^1.1.6
1.1.6
up to date mimalloc ^0.1.29
0.1.34
up to date serde_json ^1.0.85
1.0.91
up to date
Dev dependencies (4 total, all up-to-date)
Build dependencies (5 total, all up-to-date)
Security Vulnerabilities tokio
: reject_remote_clients Configuration corruptionRUSTSEC-2023-0001
On Windows, configuring a named pipe server with pipe_mode will force ServerOptions ::reject_remote_clients as false
.
This drops any intended explicit configuration for the reject_remote_clients that may have been set as true
previously.
The default setting of reject_remote_clients is normally true
meaning the default is also overriden as false
.
Workarounds
Ensure that pipe_mode is set first after initializing a ServerOptions . For example:
let mut opts = ServerOptions::new();
opts.pipe_mode(PipeMode::Message);
opts.reject_remote_clients(true);
Patched
>=1.18.4, <1.19.0
>=1.20.3, <1.21.0
>=1.23.1