This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate unknown_order

Dependencies

(18 total, 1 possibly insecure)

CrateRequiredLatestStatus
 crypto-bigint^0.50.5.5up to date
 crypto-primes^0.50.5.0up to date
 digest^0.100.10.7up to date
 getrandom^0.20.2.15up to date
 glass_pumpkin^1.71.7.0up to date
 hex^0.40.4.3up to date
 multibase^0.90.9.1up to date
 num-bigint^0.40.4.6up to date
 num-integer^0.10.1.46up to date
 num-traits^0.20.2.19up to date
 openssl ⚠️^0.10.640.10.68maybe insecure
 rand^0.80.8.5up to date
 rug^1.241.26.1up to date
 serde^1.01.0.214up to date
 subtle^2.52.6.1up to date
 wasm-bindgen^0.20.2.95up to date
 zeroize^11.8.1up to date
 serde-wasm-bindgen^0.60.6.5up to date

Dev dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 blake2^0.100.10.6up to date
 multibase^0.90.9.1up to date
 serde_json^1.01.0.132up to date
 bincode^1.31.3.3up to date

Security Vulnerabilities

openssl: `MemBio::get_buf` has undefined behavior with empty buffers

RUSTSEC-2024-0357

Previously, MemBio::get_buf called slice::from_raw_parts with a null-pointer, which violates the functions invariants, leading to undefined behavior. In debug builds this would produce an assertion failure. This is now fixed.