This project might be open to known security vulnerabilities , which can be prevented by tightening the version range of affected dependencies. Find detailed information at the bottom .
Crate veloren-common
Dependencies (12 total, 1 outdated)
Dev dependencies (3 total, all up-to-date)
Crate veloren-common-assets
Dependencies (3 total, all up-to-date)
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status walkdir ^2.3.2
2.5.0
up to date
Crate veloren-common-i18n
No external dependencies! 🙌
Crate veloren-common-base
Dependencies (2 total, 1 outdated)
Crate veloren-common-dynlib
Dependencies (3 total, all up-to-date)
Crate veloren-common-ecs
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status float-cmp ^0.9.0
0.9.0
up to date
Crate veloren-common-net
Dependencies (2 total, all up-to-date)
Crate Required Latest Status flate2 ^1.0.20
1.0.28
up to date sum_type ^0.2.0
0.2.0
up to date
Crate veloren-common-state
Dependencies (9 total, 2 outdated)
Crate veloren-common-systems
No external dependencies! 🙌
Crate veloren-common-frontend
Dependencies (4 total, 1 outdated)
Crate veloren-client
Dependencies (6 total, 1 outdated, 1 possibly insecure)
Crate veloren-client-i18n
Dependencies (2 total, all up-to-date)
Crate veloren-rtsim
Dependencies (4 total, all up-to-date)
Crate veloren-server
Dependencies (13 total, 4 outdated, 1 possibly insecure)
Crate veloren-server-agent
No external dependencies! 🙌
Crate veloren-server-cli
Dependencies (8 total, 2 outdated)
Crate veloren-voxygen
Dependencies (22 total, 8 outdated)
Dev dependencies (1 total, all up-to-date)
Crate Required Latest Status criterion ^0.5.1
0.5.1
up to date
Crate veloren-voxygen-anim
Dependencies (1 total, all up-to-date)
Crate Required Latest Status bytemuck ^1.4
1.15.0
up to date
Crate veloren-voxygen-i18n-helpers
No external dependencies! 🙌
Crate veloren-voxygen-egui
Dependencies (3 total, 3 outdated)
Crate veloren-world
Dependencies (13 total, 3 outdated)
Dev dependencies (6 total, 1 outdated)
Crate veloren-network
Dependencies (7 total, 1 outdated, 1 possibly insecure)
Dev dependencies (5 total, 1 outdated)
Crate veloren-network-protocol
Dependencies (1 total, all up-to-date)
Crate Required Latest Status bytes ^1
1.6.0
up to date
Dev dependencies (2 total, all up-to-date)
Security Vulnerabilities rustls
: `rustls::ConnectionCommon::complete_io` could fall into an infinite loop based on network inputRUSTSEC-2024-0336
If a close_notify
alert is received during a handshake, complete_io
does not terminate.
Callers which do not call complete_io
are not affected.
rustls-tokio
and rustls-ffi
do not call complete_io
and are not affected.
rustls::Stream
and rustls::StreamOwned
types use
complete_io
and are affected.
Patched
>=0.23.5
>=0.22.4, <0.23.0
>=0.21.11, <0.22.0