-
Federico Mena Quintero authored
Crate: generic-array Version: 0.11.1 Title: arr! macro erases lifetimes Date: 2020-04-09 ID: RUSTSEC-2020-0146 URL: https://rustsec.org/advisories/RUSTSEC-2020-0146 Solution: Upgrade to >=0.8.4, <0.9.0 OR >=0.9.1, <0.10.0 OR >=0.10.1, <0.11.0 OR >=0.11.2, <0.12.0 OR >=0.12.4, <0.13.0 OR >=0.13.3 Dependency tree: generic-array 0.11.1 └── nalgebra 0.16.14 └── rsvg_internals 0.0.1 Crate: smallvec Version: 0.6.5 Title: Memory corruption in SmallVec::grow() Date: 2019-07-19 ID: RUSTSEC-2019-0012 URL: https://rustsec.org/advisories/RUSTSEC-2019-0012 Solution: Upgrade to >=0.6.10 Dependency tree: smallvec 0.6.5 └── cssparser 0.25.9 └── rsvg_internals 0.0.1 Crate: smallvec Version: 0.6.5 Title: Double-free and use-after-free in SmallVec::grow() Date: 2019-06-06 ID: RUSTSEC-2019-0009 URL: https://rustsec.org/advisories/RUSTSEC-2019-0009 Solution: Upgrade to >=0.6.10 Crate: smallvec Version: 0.6.5 Title: Buffer overflow in SmallVec::insert_many Date: 2021-01-08 ID: RUSTSEC-2021-0003 URL: https://rustsec.org/advisories/RUSTSEC-2021-0003 Solution: Upgrade to >=0.6.14, <1.0.0 OR >=1.6.1 Crate: failure Version: 0.1.2 Warning: unmaintained Title: failure is officially deprecated/unmaintained Date: 2020-05-02 ID: RUSTSEC-2020-0036 URL: https://rustsec.org/advisories/RUSTSEC-2020-0036 Dependency tree: failure 0.1.2 └── criterion 0.2.5 └── rsvg_internals 0.0.1 Crate: term Version: 0.5.1 Warning: unmaintained Title: term is looking for a new maintainer Date: 2018-11-19 ID: RUSTSEC-2018-0015 URL: https://rustsec.org/advisories/RUSTSEC-2018-0015 Dependency tree: term 0.5.1 └── simplelog 0.5.2 └── criterion 0.2.5 └── rsvg_internals 0.0.1 Crate: quote Version: 1.0.2 Warning: yanked Dependency tree: quote 1.0.2 ├── syn 1.0.5 │ └── cssparser 0.25.9 │ └── rsvg_internals 0.0.1 └── cssparser 0.25.9 Crate: smallvec Version: 0.6.5 Warning: yanked error: 4 vulnerabilities found! warning: 4 allowed warnings found
2a6b5e2b