This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate tipb

Dependencies

(6 total, 3 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 protobuf ⚠️=2.8.03.7.2out of date
 prost^0.90.13.5out of date
 prost-derive^0.90.13.5out of date
 lazy_static^1.31.5.0up to date
 futures^0.3.50.3.31up to date
 grpcio0.*0.13.0up to date

Build dependencies

(1 total, all up-to-date)

CrateRequiredLatestStatus
 protobuf-build0.*0.15.1up to date

Security Vulnerabilities

protobuf: Crash due to uncontrolled recursion in protobuf crate

RUSTSEC-2024-0437

Affected version of this crate did not properly parse unknown fields when parsing a user-supplied input.

This allows an attacker to cause a stack overflow when parsing the mssage on untrusted data.