This project might be open to known security vulnerabilities , which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom .
Crate token-factory-api
No external dependencies! 🙌
Crate ucs00-pingpong
Dependencies (3 total, 3 outdated)
Crate ibc-union-ucs00-pingpong
No external dependencies! 🙌
Crate ucs03-zkgm
Dependencies (1 total, 1 possibly insecure)
Dev dependencies (2 total, 1 outdated)
Crate Required Latest Status cw-multi-test ^2.4
3.0.1
out of date cw20 ^2.0.0
2.0.0
up to date
Crate ucs06-funded-dispatch
Dependencies (2 total, 1 possibly insecure)
Crate multicall
No external dependencies! 🙌
Crate ibc-union
Dependencies (2 total, 1 outdated, 1 possibly insecure)
Crate ibc-union-msg
No external dependencies! 🙌
Crate ibc-union-light-client
No external dependencies! 🙌
Crate devnet-compose
Dependencies (3 total, 3 outdated)
Crate Required Latest Status cliclack ^0.2.5
0.3.6
out of date console ^0.15.11
0.16.0
out of date strum ^0.26.3
0.27.2
out of date
Crate ensure-blocks
No external dependencies! 🙌
Crate protos
No external dependencies! 🙌
Crate hubble
Dependencies (13 total, 4 outdated)
Crate beacon-api
Dependencies (1 total, all up-to-date)
Crate Required Latest Status moka ^0.12.10
0.12.10
up to date
Crate cometbft-rpc
Dev dependencies (3 total, 1 outdated)
Crate cosmos-client
Dependencies (2 total, all up-to-date)
Crate cometbft-types
No external dependencies! 🙌
Crate concurrent-keyring
Dependencies (1 total, 1 outdated)
Crate Required Latest Status rand ^0.8.5
0.9.2
out of date
Dev dependencies (1 total, all up-to-date)
Crate gnark-key-parser
Dependencies (2 total, 1 outdated)
Dev dependencies (3 total, 3 outdated)
Crate gnark-mimc
Dependencies (3 total, 3 outdated)
Crate ics008-wasm-client
No external dependencies! 🙌
Crate ics23
No external dependencies! 🙌
Crate linea-verifier
No external dependencies! 🙌
Crate linea-zktrie
No external dependencies! 🙌
Crate macros
Dependencies (1 total, all up-to-date)
Crate Required Latest Status proc-macro2 ^1.0.95
1.0.101
up to date
Crate pg-queue
Dependencies (1 total, all up-to-date)
Crate Required Latest Status futures-util ^0.3.31
0.3.31
up to date
Crate poseidon-rs
Dependencies (3 total, 2 outdated)
Dev dependencies (1 total, 1 outdated)
Crate Required Latest Status criterion ^0.3
0.7.0
out of date
Build dependencies (1 total, 1 outdated)
Crate subset-of-derive
Dependencies (1 total, all up-to-date)
Crate Required Latest Status proc-macro2 ^1.0.95
1.0.101
up to date
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status trybuild ^1.0.105
1.0.110
up to date
Crate scroll-api
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status serde_json ^1.0.140
1.0.143
up to date
Crate scroll-codec
No external dependencies! 🙌
Crate scroll-rpc
Dev dependencies (2 total, all up-to-date)
Crate arbitrum-types
No external dependencies! 🙌
Crate arbitrum-client
No external dependencies! 🙌
Crate bob-types
No external dependencies! 🙌
Crate base-client
No external dependencies! 🙌
Crate bob-client
No external dependencies! 🙌
Crate serde-utils
No external dependencies! 🙌
Crate ssz
Dependencies (2 total, all up-to-date)
Dev dependencies (2 total, all up-to-date)
Crate Required Latest Status serde_yaml ^0.9.34
0.9.34+deprecated
up to date snap ^1.1.1
1.1.1
up to date
Crate ssz-tests-generator
Dependencies (2 total, all up-to-date)
Crate Required Latest Status serde_yaml ^0.9.34
0.9.34+deprecated
up to date snap ^1.1.1
1.1.1
up to date
Crate ssz-derive
Dependencies (1 total, all up-to-date)
Crate Required Latest Status proc-macro2 ^1.0.95
1.0.101
up to date
Crate unionlabs
Dependencies (3 total, 1 outdated)
Dev dependencies (1 total, 1 outdated)
Crate Required Latest Status rand ^0.8.5
0.9.2
out of date
Crate unionlabs-primitives
Dependencies (2 total, 1 outdated)
Crate Required Latest Status serde_bytes ^0.11.17
0.11.17
up to date uint ^0.9.5
0.10.0
out of date
Crate unionlabs-encoding
No external dependencies! 🙌
Crate zktrie
No external dependencies! 🙌
Crate galois-rpc
No external dependencies! 🙌
Crate cosmos-sdk-event
No external dependencies! 🙌
Crate frissitheto
No external dependencies! 🙌
Crate parlia-types
No external dependencies! 🙌
Crate ibc-solidity
No external dependencies! 🙌
Crate base-verifier
No external dependencies! 🙌
Crate bob-verifier
No external dependencies! 🙌
Crate arbitrum-verifier
No external dependencies! 🙌
Crate cometbls-groth16-verifier
Dependencies (3 total, 1 outdated)
Build dependencies (1 total, all up-to-date)
Crate ethereum-sync-protocol
No external dependencies! 🙌
Crate ethereum-sync-protocol-types
No external dependencies! 🙌
Crate evm-storage-verifier
Dependencies (4 total, 2 outdated)
Crate parlia-verifier
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status blst ^0.3.14
0.3.15
up to date
Crate scroll-verifier
No external dependencies! 🙌
Crate tendermint-verifier
Dev dependencies (1 total, all up-to-date)
Crate base-light-client-types
No external dependencies! 🙌
Crate bob-light-client-types
No external dependencies! 🙌
Crate arbitrum-light-client-types
No external dependencies! 🙌
Crate berachain-light-client-types
No external dependencies! 🙌
Crate cometbls-light-client-types
No external dependencies! 🙌
Crate tendermint-light-client-types
No external dependencies! 🙌
Crate ethereum-light-client-types
No external dependencies! 🙌
Crate ethermint-light-client-types
No external dependencies! 🙌
Crate movement-light-client-types
No external dependencies! 🙌
Crate parlia-light-client-types
No external dependencies! 🙌
Crate trusted-mpt-light-client-types
No external dependencies! 🙌
Crate linea-light-client-types
No external dependencies! 🙌
Crate scroll-light-client-types
No external dependencies! 🙌
Crate state-lens-ics23-mpt-light-client-types
No external dependencies! 🙌
Crate state-lens-ics23-ics23-light-client-types
No external dependencies! 🙌
Crate state-lens-ics23-smt-light-client-types
No external dependencies! 🙌
Crate sui-light-client-types
Dependencies (3 total, 1 outdated)
Crate Required Latest Status blake2 ^0.10.6
0.10.6
up to date roaring ^0.10.12
0.11.2
out of date serde_repr ^0.1.20
0.1.20
up to date
Crate cosmwasm-deployer
Dependencies (3 total, 2 outdated)
Crate arbitrum-light-client
No external dependencies! 🙌
Crate base-light-client
No external dependencies! 🙌
Crate berachain-light-client
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status lazy_static ^1.5.0
1.5.0
up to date
Crate bob-light-client
No external dependencies! 🙌
Crate cometbls-light-client
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status lazy_static ^1.5.0
1.5.0
up to date
Crate ethereum-light-client
Dependencies (3 total, all up-to-date)
Crate ethermint-light-client
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status lazy_static ^1.5.0
1.5.0
up to date
Crate tendermint-light-client
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status lazy_static ^1.5.0
1.5.0
up to date
Crate parlia-light-client
No external dependencies! 🙌
Crate trusted-mpt-light-client
No external dependencies! 🙌
Crate state-lens-ics23-mpt-light-client
No external dependencies! 🙌
Crate state-lens-ics23-ics23-light-client
No external dependencies! 🙌
Crate sui-light-client
Dependencies (2 total, all up-to-date)
Crate Required Latest Status blake2 ^0.10.6
0.10.6
up to date serde_repr ^0.1.20
0.1.20
up to date
Crate devnet-utils
Dependencies (5 total, 2 outdated)
Crate build-evm-deployer-tx
No external dependencies! 🙌
Crate parse-wasm-client-type
No external dependencies! 🙌
Crate tidy
Dependencies (2 total, 2 outdated)
Crate rustfmt-sort
No external dependencies! 🙌
Crate move-bindgen-derive
Dependencies (1 total, all up-to-date)
Crate Required Latest Status proc-macro2 ^1.0.95
1.0.101
up to date
Crate unionvisor
Dependencies (1 total, all up-to-date)
Crate Required Latest Status fs_extra ^1.3.0
1.3.0
up to date
Dev dependencies (2 total, all up-to-date)
Crate voyager
Dependencies (7 total, 3 outdated)
Crate voyager-message
No external dependencies! 🙌
Crate voyager-vm
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status enumorph ^0.1.2
0.1.2
up to date
Crate voyager-rpc
Dependencies (2 total, all up-to-date)
Crate Required Latest Status indexmap ^2.9.0
2.11.0
up to date moka ^0.12.10
0.12.10
up to date
Crate voyager-core
Dependencies (9 total, all up-to-date)
Crate voyager-primitives
No external dependencies! 🙌
Crate voyager-state-module-cosmos-sdk
No external dependencies! 🙌
Crate voyager-state-module-cosmos-sdk-union
No external dependencies! 🙌
Crate voyager-state-module-ethereum
Dependencies (1 total, all up-to-date)
Crate Required Latest Status moka ^0.12.10
0.12.10
up to date
Crate voyager-state-module-sui
No external dependencies! 🙌
Crate voyager-proof-module-cosmos-sdk
No external dependencies! 🙌
Crate voyager-proof-module-cosmos-sdk-union
No external dependencies! 🙌
Crate voyager-proof-module-ethermint
No external dependencies! 🙌
Crate voyager-proof-module-ethereum
No external dependencies! 🙌
Crate voyager-proof-module-sui
No external dependencies! 🙌
Crate voyager-client-module-base
No external dependencies! 🙌
Crate voyager-client-module-bob
No external dependencies! 🙌
Crate voyager-client-module-arbitrum
No external dependencies! 🙌
Crate voyager-client-module-cometbls
Dependencies (2 total, 2 outdated)
Crate voyager-client-module-ethereum
No external dependencies! 🙌
Crate voyager-client-module-parlia
No external dependencies! 🙌
Crate voyager-client-module-tendermint
No external dependencies! 🙌
Crate voyager-client-module-ethermint
No external dependencies! 🙌
Crate voyager-client-module-state-lens-ics23-mpt
No external dependencies! 🙌
Crate voyager-client-module-state-lens-ics23-ics23
No external dependencies! 🙌
Crate voyager-client-module-state-lens-ics23-smt
No external dependencies! 🙌
Crate voyager-client-module-sui
No external dependencies! 🙌
Crate voyager-client-module-trusted-mpt
No external dependencies! 🙌
Crate voyager-client-bootstrap-module-base
No external dependencies! 🙌
Crate voyager-client-bootstrap-module-bob
No external dependencies! 🙌
Crate voyager-client-bootstrap-module-arbitrum
No external dependencies! 🙌
Crate voyager-client-bootstrap-module-cometbls
No external dependencies! 🙌
Crate voyager-client-bootstrap-module-ethereum
No external dependencies! 🙌
Crate voyager-client-bootstrap-module-parlia
No external dependencies! 🙌
Crate voyager-client-bootstrap-module-tendermint
No external dependencies! 🙌
Crate voyager-client-bootstrap-module-ethermint
No external dependencies! 🙌
Crate voyager-client-bootstrap-module-trusted-mpt
Dependencies (1 total, all up-to-date)
Crate voyager-client-bootstrap-module-state-lens-ics23-mpt
No external dependencies! 🙌
Crate voyager-client-bootstrap-module-state-lens-ics23-smt
No external dependencies! 🙌
Crate voyager-client-bootstrap-module-state-lens-ics23-ics23
No external dependencies! 🙌
Crate voyager-client-bootstrap-module-sui
No external dependencies! 🙌
Crate voyager-finality-module-base
No external dependencies! 🙌
Crate voyager-finality-module-bob
No external dependencies! 🙌
Crate voyager-finality-module-arbitrum
No external dependencies! 🙌
Crate voyager-finality-module-berachain
No external dependencies! 🙌
Crate voyager-finality-module-cometbls
No external dependencies! 🙌
Crate voyager-finality-module-ethereum
Dependencies (1 total, all up-to-date)
Crate Required Latest Status moka ^0.12.10
0.12.10
up to date
Crate voyager-finality-module-parlia
No external dependencies! 🙌
Crate voyager-finality-module-tendermint
No external dependencies! 🙌
Crate voyager-finality-module-trusted-evm
No external dependencies! 🙌
Crate voyager-finality-module-sui
No external dependencies! 🙌
Crate voyager-client-update-plugin-base
No external dependencies! 🙌
Crate voyager-client-update-plugin-bob
No external dependencies! 🙌
Crate voyager-client-update-plugin-arbitrum
No external dependencies! 🙌
Crate voyager-client-update-plugin-berachain
No external dependencies! 🙌
Crate voyager-client-update-plugin-cometbls
No external dependencies! 🙌
Crate voyager-client-update-plugin-ethereum
No external dependencies! 🙌
Crate voyager-client-update-plugin-parlia
No external dependencies! 🙌
Crate voyager-client-update-plugin-tendermint
No external dependencies! 🙌
Crate voyager-client-update-plugin-ethermint
No external dependencies! 🙌
Crate voyager-client-update-plugin-state-lens
No external dependencies! 🙌
Crate voyager-client-update-plugin-sui
No external dependencies! 🙌
Crate voyager-client-update-plugin-trusted-mpt
Dependencies (1 total, all up-to-date)
Crate voyager-periodic-client-update-plugin
No external dependencies! 🙌
Crate voyager-event-source-plugin-cosmos-sdk
No external dependencies! 🙌
Crate voyager-event-source-plugin-ethereum
No external dependencies! 🙌
Crate voyager-event-source-plugin-sui
No external dependencies! 🙌
Crate voyager-transaction-plugin-cosmos-sdk
No external dependencies! 🙌
Crate voyager-transaction-plugin-ethereum
No external dependencies! 🙌
Crate voyager-transaction-plugin-sui
No external dependencies! 🙌
Crate voyager-plugin-packet-filter
Dependencies (1 total, all up-to-date)
Crate Required Latest Status regex ^1.11.1
1.11.2
up to date
Crate voyager-plugin-packet-index
No external dependencies! 🙌
Crate voyager-plugin-packet-batch
No external dependencies! 🙌
Crate voyager-plugin-transaction-batch
No external dependencies! 🙌
Crate voyager-plugin-packet-timeout
No external dependencies! 🙌
Crate voyager-plugin-zkgm-filter
Dependencies (1 total, all up-to-date)
Crate Required Latest Status crc ^3.3.0
3.3.0
up to date
Crate drip
Dependencies (4 total, 2 outdated)
Crate reconnecting-jsonrpc-ws-client
Dependencies (1 total, all up-to-date)
Crate Required Latest Status arc-swap ^1.7.1
1.7.1
up to date
Crate subset-of
No external dependencies! 🙌
Crate beacon-api-types
No external dependencies! 🙌
Crate mpc-shared
Dependencies (1 total, all up-to-date)
Crate Required Latest Status postgrest ^1.6
1.6.0
up to date
Crate mpc-client
Dependencies (10 total, 5 outdated)
Crate mpc-coordinator
Dependencies (1 total, 1 outdated)
Crate Required Latest Status pgp ^0.13
0.16.0
out of date
Crate ibc-union-spec
Dependencies (1 total, all up-to-date)
Crate Required Latest Status num-traits ^0.2.19
0.2.19
up to date
Crate ibc-classic-spec
No external dependencies! 🙌
Crate state-lens-light-client-types
Dependencies (1 total, all up-to-date)
Crate Required Latest Status tuple_join ^0.1.0
0.1.0
up to date
Crate create3
No external dependencies! 🙌
Crate linea-types
No external dependencies! 🙌
Crate osmosis-tokenfactory-token-minter
No external dependencies! 🙌
Crate cw20-token-minter
Dependencies (1 total, all up-to-date)
Crate Required Latest Status cw20 ^2.0
2.0.0
up to date
Crate cw-account
No external dependencies! 🙌
Crate cw-escrow-vault
Dependencies (1 total, all up-to-date)
Crate Required Latest Status cw20 ^2.0.0
2.0.0
up to date
Crate ucs03-zkgm-token-minter-api
No external dependencies! 🙌
Crate osmosis-tokenfactory-token-owner
No external dependencies! 🙌
Crate cw20-base
Dependencies (3 total, 1 outdated)
Crate Required Latest Status cw2 ^2.0.0
3.0.0
out of date cw20 ^2.0.0
2.0.0
up to date semver ^1
1.0.26
up to date
Dev dependencies (2 total, 2 outdated)
Crate cw20-wrapped-tokenfactory
Dependencies (1 total, all up-to-date)
Crate Required Latest Status cw20 ^2.0.0
2.0.0
up to date
Crate scroll-types
No external dependencies! 🙌
Crate fork-schedules
No external dependencies! 🙌
Crate depolama
Dependencies (1 total, all up-to-date)
Crate Required Latest Status num-traits ^0.2.19
0.2.19
up to date
Crate embed-commit
Dependencies (2 total, all up-to-date)
Crate Required Latest Status bytemuck ^1.23
1.23.2
up to date const-hex ^1.14.1
1.15.0
up to date
Crate embed-commit-verifier
Dependencies (2 total, 1 outdated)
Crate Required Latest Status bytemuck ^1.23.0
1.23.2
up to date elf ^0.7.4
0.8.0
out of date
Crate ucs04
Build dependencies (1 total, all up-to-date)
Crate Required Latest Status heck ^0.5.0
0.5.0
up to date
Crate deployments
No external dependencies! 🙌
Crate consensus-primitives
No external dependencies! 🙌
Crate solidity-slot
No external dependencies! 🙌
Crate u
Dependencies (4 total, 1 outdated)
Crate Required Latest Status bech32 ^0.11.0
0.11.0
up to date keccak-asm ^0.1.4
0.1.4
up to date num_cpus ^1.16
1.17.0
up to date rand ^0.8
0.9.2
out of date
Crate chain-kitchen
No external dependencies! 🙌
Crate json-schema-to-nixos-module-options
No external dependencies! 🙌
Crate voyager-types
No external dependencies! 🙌
Crate voyager-client
Dependencies (2 total, all up-to-date)
Crate Required Latest Status indexmap ^2.9.0
2.11.0
up to date moka ^0.12.10
0.12.10
up to date
Crate voyager-plugin
Dependencies (2 total, all up-to-date)
Crate Required Latest Status indexmap ^2.9.0
2.11.0
up to date moka ^0.12.10
0.12.10
up to date
Crate voyager-sdk
No external dependencies! 🙌
Crate voyager-plugin-protocol
Dependencies (1 total, all up-to-date)
Crate Required Latest Status tower ^0.5
0.5.2
up to date
Crate wasm-client-type
Dependencies (2 total, 1 outdated)
Crate Required Latest Status paste ^1.0
1.0.15
up to date wasmparser ^0.113
0.238.0
out of date
Crate sui-verifier
Dependencies (1 total, all up-to-date)
Crate Required Latest Status blake2 ^0.10.6
0.10.6
up to date
Crate update-deployments
No external dependencies! 🙌
Crate union-test
Dependencies (4 total, 1 outdated, 1 possibly insecure)
Crate Required Latest Status cw20 ^2.0.0
2.0.0
up to date ethers ^1.0.2
2.0.14
out of date rand ^0.9.0
0.9.2
up to date regex ⚠️ ^1
1.11.2
maybe insecure
Dev dependencies (3 total, 1 outdated, 1 possibly insecure)
Security Vulnerabilities regex
: Regexes with large repetitions on empty sub-expressions take a very long time to parseRUSTSEC-2022-0013
The Rust Security Response WG was notified that the regex
crate did not
properly limit the complexity of the regular expressions (regex) it parses. An
attacker could use this security issue to perform a denial of service, by
sending a specially crafted regex to a service accepting untrusted regexes. No
known vulnerability is present when parsing untrusted input with trusted
regexes.
This issue has been assigned CVE-2022-24713. The severity of this vulnerability
is "high" when the regex
crate is used to parse untrusted regexes. Other uses
of the regex
crate are not affected by this vulnerability.
Overview
The regex
crate features built-in mitigations to prevent denial of service
attacks caused by untrusted regexes, or untrusted input matched by trusted
regexes. Those (tunable) mitigations already provide sane defaults to prevent
attacks. This guarantee is documented and it's considered part of the crate's
API.
Unfortunately a bug was discovered in the mitigations designed to prevent
untrusted regexes to take an arbitrary amount of time during parsing, and it's
possible to craft regexes that bypass such mitigations. This makes it possible
to perform denial of service attacks by sending specially crafted regexes to
services accepting user-controlled, untrusted regexes.
Affected versions
All versions of the regex
crate before or equal to 1.5.4 are affected by this
issue. The fix is include starting from regex
1.5.5.
Mitigations
We recommend everyone accepting user-controlled regexes to upgrade immediately
to the latest version of the regex
crate.
Unfortunately there is no fixed set of problematic regexes, as there are
practically infinite regexes that could be crafted to exploit this
vulnerability. Because of this, we do not recommend denying known problematic
regexes.
Acknowledgements
We want to thank Addison Crump for responsibly disclosing this to us according
to the Rust security policy , and for helping review the fix.
We also want to thank Andrew Gallant for developing the fix, and Pietro Albini
for coordinating the disclosure and writing this advisory.
tokio
: reject_remote_clients Configuration corruptionRUSTSEC-2023-0001
On Windows, configuring a named pipe server with pipe_mode will force ServerOptions ::reject_remote_clients as false
.
This drops any intended explicit configuration for the reject_remote_clients that may have been set as true
previously.
The default setting of reject_remote_clients is normally true
meaning the default is also overridden as false
.
Workarounds
Ensure that pipe_mode is set first after initializing a ServerOptions . For example:
let mut opts = ServerOptions::new();
opts.pipe_mode(PipeMode::Message);
opts.reject_remote_clients(true);
Patched
>=1.18.4, <1.19.0
>=1.20.3, <1.21.0
>=1.23.1
serde-json-wasm
: Stack overflow during recursive JSON parsingRUSTSEC-2024-0012
When parsing untrusted, deeply nested JSON, the stack may overflow,
possibly enabling a Denial of Service attack.
This was fixed by adding a check for recursion depth.
Patched
>=1.0.1
>=0.5.2, <1.0.0