This project might be open to known security vulnerabilities , which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom .
Crate rocksdb
Dependencies (1 total, all up-to-date)
Crate Required Latest Status libc ^0.2.11
0.2.153
up to date
Dev dependencies (4 total, 2 outdated)
Crate Required Latest Status crc ^1.8
3.2.1
out of date lazy_static ^1.4.0
1.4.0
up to date rand ^0.7
0.8.5
out of date tempfile ^3.1
3.10.1
up to date
Crate librocksdb_sys
Dependencies (7 total, 1 possibly insecure)
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status tempfile ^3.1
3.10.1
up to date
Build dependencies (3 total, 1 outdated)
Crate Required Latest Status cc ^1.0.3
1.0.95
up to date cmake ^0.1
0.1.50
up to date bindgen ^0.65
0.69.4
out of date
Crate libtitan_sys
Dependencies (5 total, 1 possibly insecure)
Crate Required Latest Status bzip2-sys ^0.1.8
0.1.11+1.0.8
up to date libc ^0.2.11
0.2.153
up to date libz-sys ^1.1
1.1.16
up to date zstd-sys ^2.0.1
2.0.10+zstd.1.5.6
up to date lz4-sys ⚠️ ^1.9
1.9.4
maybe insecure
Build dependencies (2 total, all up-to-date)
Crate Required Latest Status cc ^1.0.3
1.0.95
up to date cmake ^0.1
0.1.50
up to date
Security Vulnerabilities lz4-sys
: Memory corruption in liblz4RUSTSEC-2022-0051
lz4-sys up to v1.9.3 bundles a version of liblz4 that is vulnerable to
CVE-2021-3520 .
Attackers could craft a payload that triggers an integer overflow upon
decompression, causing an out-of-bounds write.
The flaw has been corrected in version v1.9.4 of liblz4, which is included
in lz4-sys 1.9.4.