This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.

Crate fd-find

Dependencies

(17 total, 1 outdated, 1 possibly insecure)

CrateRequiredLatestStatus
 ansi_term^0.120.12.1up to date
 argmax^0.3.00.3.0up to date
 atty^0.20.2.14up to date
 ignore^0.4.30.4.18up to date
 num_cpus^1.131.13.1up to date
 regex^1.6.01.6.0up to date
 regex-syntax^0.60.6.27up to date
 ctrlc^3.23.2.2up to date
 humantime^2.12.1.0up to date
 lscolors^0.110.12.0out of date
 globset^0.40.4.9up to date
 anyhow^1.01.0.60up to date
 dirs-next^2.02.0.0up to date
 normpath^0.3.20.3.2up to date
 chrono ⚠️^0.40.4.21maybe insecure
 once_cell^1.13.01.13.0up to date
 clap^3.13.2.16up to date

Dev dependencies

(4 total, all up-to-date)

CrateRequiredLatestStatus
 diff^0.10.1.13up to date
 tempdir^0.30.3.7up to date
 filetime^0.20.2.17up to date
 test-case^2.22.2.1up to date

Build dependencies

(3 total, all up-to-date)

CrateRequiredLatestStatus
 clap^3.13.2.16up to date
 clap_complete^3.13.2.3up to date
 version_check^0.90.9.4up to date

Security Vulnerabilities

chrono: Potential segfault in `localtime_r` invocations

RUSTSEC-2020-0159

Impact

Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library.

Workarounds

No workarounds are known.

References