This project might be open to known security vulnerabilities, which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom.
smoldot(49 total, 11 outdated, 1 possibly insecure)
| Crate | Required | Latest | Status |
|---|---|---|---|
| arrayvec | ^0.7.6 | 0.7.6 | up to date |
| async-lock | ^3.0.0 | 3.4.2 | up to date |
| atomic-take | ^1.1.0 | 1.1.0 | up to date |
| base64 | ^0.22.0 | 0.22.1 | up to date |
| bip39 | ^2.0.0 | 2.2.2 | up to date |
| blake2-rfc | ^0.2.18 | 0.2.18 | up to date |
| bs58 | ^0.5.1 | 0.5.1 | up to date |
| chacha20 | ^0.9.1 | 0.10.0 | out of date |
| crossbeam-queue | ^0.3.11 | 0.3.12 | up to date |
| derive_more | ^2.0 | 2.1.1 | up to date |
| ed25519-zebra | ^4.1.0 | 4.2.0 | up to date |
| either | ^1.9.0 | 1.15.0 | up to date |
| event-listener | ^5.3.0 | 5.4.1 | up to date |
| fnv | ^1.0.7 | 1.0.7 | up to date |
| futures-lite | ^2.3.0 | 2.6.1 | up to date |
| hashbrown | ^0.16.0 | 0.17.0 | out of date |
| hex | ^0.4.3 | 0.4.3 | up to date |
| hmac | ^0.12.1 | 0.13.0 | out of date |
| itertools | ^0.14.0 | 0.14.0 | up to date |
| libm | ^0.2.8 | 0.2.16 | up to date |
| libsecp256k1 | ^0.7.1 | 0.7.2 | up to date |
| merlin | ^3.0 | 3.0.0 | up to date |
| nom | ^8.0.0 | 8.0.0 | up to date |
| num-bigint | ^0.4.3 | 0.4.6 | up to date |
| num-rational | ^0.4.1 | 0.4.2 | up to date |
| num-traits | ^0.2.19 | 0.2.19 | up to date |
| pbkdf2 | ^0.12.1 | 0.13.0 | out of date |
| poly1305 | ^0.8.0 | 0.8.0 | up to date |
| rand | ^0.8.5 | 0.10.1 | out of date |
| rand_chacha | ^0.3.1 | 0.10.0 | out of date |
| ruzstd | ^0.8.0 | 0.8.2 | up to date |
| schnorrkel | ^0.11.2 | 0.11.5 | up to date |
| serde | ^1.0.183 | 1.0.228 | up to date |
| serde_json | ^1.0.104 | 1.0.149 | up to date |
| sha2 | ^0.10.7 | 0.11.0 | out of date |
| sha3 | ^0.10.8 | 0.11.0 | out of date |
| siphasher | ^1.0.1 | 1.0.2 | up to date |
| slab | ^0.4.8 | 0.4.12 | up to date |
| smallvec | ^1.13.2 | 1.15.1 | up to date |
| twox-hash | ^2.0.0 | 2.1.2 | up to date |
| wasmi | ^0.40.0 | 1.0.9 | out of date |
| x25519-dalek | ^2.0.0-rc.3 | 2.0.1 | up to date |
| zeroize | ^1.7.0 | 1.8.2 | up to date |
| rusqlite | ^0.32.1 | 0.39.0 | out of date |
| futures-util | ^0.3.27 | 0.3.32 | up to date |
| parking_lot | ^0.12.1 | 0.12.5 | up to date |
| pin-project | ^1.1.5 | 1.1.11 | up to date |
| soketto | ^0.8.0 | 0.8.1 | up to date |
| wasmtime ⚠️ | ^36.0.3 | 44.0.0 | out of date |
(5 total, 2 outdated)
| Crate | Required | Latest | Status |
|---|---|---|---|
| criterion | ^0.5.1 | 0.8.2 | out of date |
| futures-executor | ^0.3.28 | 0.3.32 | up to date |
| rand | ^0.8.5 | 0.10.1 | out of date |
| tempfile | ^3.10.0 | 3.27.0 | up to date |
| wat | ^1.216.0 | 1.247.0 | up to date |
smoldot-full-node(25 total, 4 outdated)
| Crate | Required | Latest | Status |
|---|---|---|---|
| async-channel | ^2.5.0 | 2.5.0 | up to date |
| blake2-rfc | ^0.2.18 | 0.2.18 | up to date |
| clap | ^4.5.20 | 4.6.1 | up to date |
| ctrlc | ^3.4.0 | 3.5.2 | up to date |
| derive_more | ^2.0 | 2.1.1 | up to date |
| directories | ^5.0.1 | 6.0.0 | out of date |
| either | ^1.9.0 | 1.15.0 | up to date |
| event-listener | ^5.3.0 | 5.4.1 | up to date |
| fnv | ^1.0.7 | 1.0.7 | up to date |
| futures-channel | ^0.3.31 | 0.3.32 | up to date |
| futures-lite | ^2.3.0 | 2.6.1 | up to date |
| futures-util | ^0.3.27 | 0.3.32 | up to date |
| hashbrown | ^0.16.0 | 0.17.0 | out of date |
| hex | ^0.4.3 | 0.4.3 | up to date |
| humantime | ^2.1.0 | 2.3.0 | up to date |
| lru | ^0.16.3 | 0.18.0 | out of date |
| mick-jaeger | ^0.1.8 | 0.1.8 | up to date |
| rand | ^0.8.5 | 0.10.1 | out of date |
| serde | ^1.0.183 | 1.0.228 | up to date |
| serde_json | ^1.0.104 | 1.0.149 | up to date |
| siphasher | ^1.0.1 | 1.0.2 | up to date |
| soketto | ^0.8.0 | 0.8.1 | up to date |
| smol | ^2.0.0 | 2.0.2 | up to date |
| terminal_size | ^0.4.0 | 0.4.4 | up to date |
| zeroize | ^1.7.0 | 1.8.2 | up to date |
smoldot-light(27 total, 4 outdated)
| Crate | Required | Latest | Status |
|---|---|---|---|
| async-channel | ^2.5.0 | 2.5.0 | up to date |
| async-lock | ^3.0.0 | 3.4.2 | up to date |
| base64 | ^0.22.0 | 0.22.1 | up to date |
| blake2-rfc | ^0.2.18 | 0.2.18 | up to date |
| bs58 | ^0.5.1 | 0.5.1 | up to date |
| derive_more | ^2.0 | 2.1.1 | up to date |
| either | ^1.9.0 | 1.15.0 | up to date |
| event-listener | ^5.3.0 | 5.4.1 | up to date |
| fnv | ^1.0.7 | 1.0.7 | up to date |
| futures-channel | ^0.3.31 | 0.3.32 | up to date |
| futures-lite | ^2.3.0 | 2.6.1 | up to date |
| futures-util | ^0.3.27 | 0.3.32 | up to date |
| hashbrown | ^0.16.0 | 0.17.0 | out of date |
| hex | ^0.4.3 | 0.4.3 | up to date |
| itertools | ^0.14.0 | 0.14.0 | up to date |
| lru | ^0.16.3 | 0.18.0 | out of date |
| pin-project | ^1.1.5 | 1.1.11 | up to date |
| rand | ^0.8.5 | 0.10.1 | out of date |
| rand_chacha | ^0.3.1 | 0.10.0 | out of date |
| serde | ^1.0.183 | 1.0.228 | up to date |
| serde_json | ^1.0.104 | 1.0.149 | up to date |
| siphasher | ^1.0.1 | 1.0.2 | up to date |
| slab | ^0.4.8 | 0.4.12 | up to date |
| zeroize | ^1.7.0 | 1.8.2 | up to date |
| parking_lot | ^0.12.1 | 0.12.5 | up to date |
| log | ^0.4.18 | 0.4.29 | up to date |
| smol | ^2.0.0 | 2.0.2 | up to date |
(1 total, all up-to-date)
| Crate | Required | Latest | Status |
|---|---|---|---|
| env_logger | ^0.11.4 | 0.11.10 | up to date |
smoldot-light-wasm(13 total, 1 outdated)
| Crate | Required | Latest | Status |
|---|---|---|---|
| async-lock | ^3.0.0 | 3.4.2 | up to date |
| async-task | ^4.4.0 | 4.7.1 | up to date |
| crossbeam-queue | ^0.3.11 | 0.3.12 | up to date |
| derive_more | ^2.0 | 2.1.1 | up to date |
| dlmalloc | ^0.2.11 | 0.2.13 | up to date |
| event-listener | ^5.3.0 | 5.4.1 | up to date |
| fnv | ^1.0.7 | 1.0.7 | up to date |
| futures-lite | ^2.3.0 | 2.6.1 | up to date |
| futures-util | ^0.3.27 | 0.3.32 | up to date |
| hashbrown | ^0.16.0 | 0.17.0 | out of date |
| nom | ^8.0.0 | 8.0.0 | up to date |
| pin-project | ^1.1.5 | 1.1.11 | up to date |
| slab | ^0.4.8 | 0.4.12 | up to date |
wasmtime: Panic when lifting `flags` component valueThis is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-m758-wjhj-p3jq For more information see the GitHub-hosted security advisory.
wasmtime: Host data leakage with 64-bit tables and WinchThis is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-m9w2-8782-2946 For more information see the GitHub-hosted security advisory.
wasmtime: Wasmtime segfault or unused out-of-sandbox load with `f64x2.splat` operator on Cranelift x86-64This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-qqfj-4vcm-26hv For more information see the GitHub-hosted security advisory.
wasmtime: Data leakage between pooling allocator instancesThis is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-6wgr-89rj-399p For more information see the GitHub-hosted security advisory.
wasmtime: Host panic when Winch compiler executes `table.fill`This is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-q49f-xg75-m9xw For more information see the GitHub-hosted security advisory.
wasmtime: Out-of-bounds write or crash when transcoding component model stringsThis is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-394w-hwhg-8vgm For more information see the GitHub-hosted security advisory.
wasmtime: Panic when transcoding misaligned component model UTF-16 stringsThis is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-jxhv-7h78-9775 For more information see the GitHub-hosted security advisory.
wasmtime: Heap OOB read in component model UTF-16 to latin1+utf16 string transcodingThis is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-hx6p-xpx3-jvvv For more information see the GitHub-hosted security advisory.
wasmtime: Improperly masked return value from `table.grow` with Winch compiler backendThis is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-f984-pcp8-v2p7 For more information see the GitHub-hosted security advisory.
wasmtime: Wasmtime with Winch compiler backend may allow a sandbox-escaping memory accessThis is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-xx5w-cvp6-jv83 For more information see the GitHub-hosted security advisory.
wasmtime: Miscompiled guest heap access enables sandbox escape on aarch64 CraneliftThis is an entry in the RustSec database for the Wasmtime security advisory located at https://github.com/bytecodealliance/wasmtime/security/advisories/GHSA-jhxm-h53p-jm7w For more information see the GitHub-hosted security advisory.