feat: add log4rs logger (#18) #6
GitHub Actions / Security audit
failed
Jul 11, 2024 in 0s
Security advisories found
1 advisories, 1 unmaintained
Details
Vulnerabilities
RUSTSEC-2024-0336
rustls::ConnectionCommon::complete_iocould fall into an infinite loop based on network input
| Details | |
|---|---|
| Package | rustls |
| Version | 0.20.9 |
| URL | GHSA-6g7w-8wpp-frhj |
| Date | 2024-04-19 |
| Patched versions | >=0.23.5,>=0.22.4, <0.23.0,>=0.21.11, <0.22.0 |
If a close_notify alert is received during a handshake, complete_io
does not terminate.
Callers which do not call complete_io are not affected.
rustls-tokio and rustls-ffi do not call complete_io
and are not affected.
rustls::Stream and rustls::StreamOwned types use
complete_io and are affected.
Warnings
RUSTSEC-2021-0127
serde_cbor is unmaintained
| Details | |
|---|---|
| Status | unmaintained |
| Package | serde_cbor |
| Version | 0.11.2 |
| URL | https://github.com/pyfisch/cbor |
| Date | 2021-08-15 |
The serde_cbor crate is unmaintained. The author has archived the github repository.
Alternatives proposed by the author:
Loading