We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
version: cargo-audit 0.16.0
Details: %cargo audit Fetching advisory database from https://github.com/RustSec/advisory-db.git Loaded 430 security advisories (from /Users/.cargo/advisory-db) Updating crates.io index Scanning Cargo.lock for vulnerabilities (392 crate dependencies) Crate: owning_ref Version: 0.4.1 Title: Multiple soundness issues in owning_ref Date: 2022-01-26 ID: RUSTSEC-2022-0040 URL: https://rustsec.org/advisories/RUSTSEC-2022-0040 Solution: No safe upgrade is available! Dependency tree: owning_ref 0.4.1 └── prometheus-client 0.17.0 ├── libp2p-metrics 0.8.0 │ └── libp2p 0.47.0 │ ├── libp2p-swarm-derive 0.28.0 │ │ └── libp2p 0.47.0 │ ├── libp2p-swarm 0.38.0 │ │ ├── multistream-select 0.11.0 │ │ │ └── libp2p-core 0.35.0 │ │ │ ├── multistream-select 0.11.0 │ │ │ ├── libp2p-yamux 0.39.0 │ │ │ │ ├── libp2p-request-response 0.20.0 │ │ │ │ │ ├── libp2p-autonat 0.6.0 │ │ │ │ │ │ └── libp2p 0.47.0 │ │ │ │ │ └── libp2p 0.47.0 │ │ │ │ ├── libp2p-relay 0.11.0 │ │ │ │ │ ├── libp2p-metrics 0.8.0 │ │ │ │ │ ├── libp2p-dcutr 0.5.0 │ │ │ │ │ │ ├── libp2p-metrics 0.8.0 │ │ │ │ │ │ └── libp2p 0.47.0 │ │ │ │ │ └── libp2p 0.47.0 │ │ │ │ ├── libp2p-ping 0.38.0 │ │ │ │ │ ├── libp2p-relay 0.11.0 │ │ │ │ │ ├── libp2p-metrics 0.8.0 │ │ │ │ │ └── libp2p 0.47.0 │ │ │ │ ├── libp2p-kad 0.39.0 │ │ │ │ │ ├── libp2p-relay 0.11.0 │ │ │ │ │ ├── libp2p-metrics 0.8.0 │ │ │ │ │ └── libp2p 0.47.0 │ │ │ │ ├── libp2p-gossipsub 0.40.0 │ │ │ │ │ ├── libp2p-metrics 0.8.0 │ │ │ │ │ └── libp2p 0.47.0 │ │ │ │ ├── libp2p-dcutr 0.5.0 │ │ │ │ └── libp2p 0.47.0 │ │ │ ├── libp2p-websocket 0.37.0 │ │ │ │ └── libp2p 0.47.0 │ │ │ ├── libp2p-wasm-ext 0.35.0 │ │ │ │ └── libp2p 0.47.0 │ │ │ ├── libp2p-uds 0.34.0 │ │ │ │ └── libp2p 0.47.0 │ │ │ ├── libp2p-tcp 0.35.0 │ │ │ │ ├── libp2p-websocket 0.37.0 │ │ │ │ ├── libp2p-swarm 0.38.0 │ │ │ │ ├── libp2p-request-response 0.20.0 │ │ │ │ ├── libp2p-ping 0.38.0 │ │ │ │ ├── libp2p-noise 0.38.0 │ │ │ │ │ ├── libp2p-swarm 0.38.0 │ │ │ │ │ ├── libp2p-request-response 0.20.0 │ │ │ │ │ ├── libp2p-ping 0.38.0 │ │ │ │ │ ├── libp2p-kad 0.39.0 │ │ │ │ │ ├── libp2p-gossipsub 0.40.0 │ │ │ │ │ ├── libp2p-core 0.35.0 │ │ │ │ │ └── libp2p 0.47.0 │ │ │ │ ├── libp2p-mplex 0.35.0 │ │ │ │ │ ├── multistream-select 0.11.0 │ │ │ │ │ ├── libp2p-swarm 0.38.0 │ │ │ │ │ ├── libp2p-ping 0.38.0 │ │ │ │ │ ├── libp2p-gossipsub 0.40.0 │ │ │ │ │ ├── libp2p-core 0.35.0 │ │ │ │ │ └── libp2p 0.47.0 │ │ │ │ ├── libp2p-deflate 0.35.0 │ │ │ │ │ └── libp2p 0.47.0 │ │ │ │ ├── libp2p-core 0.35.0 │ │ │ │ └── libp2p 0.47.0 │ │ │ ├── libp2p-swarm 0.38.0 │ │ │ ├── libp2p-request-response 0.20.0 │ │ │ ├── libp2p-rendezvous 0.8.0 │ │ │ │ └── libp2p 0.47.0 │ │ │ ├── libp2p-relay 0.11.0 │ │ │ ├── libp2p-plaintext 0.35.0 │ │ │ │ ├── multistream-select 0.11.0 │ │ │ │ ├── libp2p-relay 0.11.0 │ │ │ │ ├── libp2p-mplex 0.35.0 │ │ │ │ ├── libp2p-gossipsub 0.40.0 │ │ │ │ ├── libp2p-dcutr 0.5.0 │ │ │ │ └── libp2p 0.47.0 │ │ │ ├── libp2p-ping 0.38.0 │ │ │ ├── libp2p-noise 0.38.0 │ │ │ ├── libp2p-mplex 0.35.0 │ │ │ ├── libp2p-metrics 0.8.0 │ │ │ ├── libp2p-mdns 0.39.0 │ │ │ │ └── libp2p 0.47.0 │ │ │ ├── libp2p-kad 0.39.0 │ │ │ ├── libp2p-identify 0.38.0 │ │ │ │ ├── libp2p-relay 0.11.0 │ │ │ │ ├── libp2p-metrics 0.8.0 │ │ │ │ ├── libp2p-dcutr 0.5.0 │ │ │ │ └── libp2p 0.47.0 │ │ │ ├── libp2p-gossipsub 0.40.0 │ │ │ ├── libp2p-floodsub 0.38.0 │ │ │ │ └── libp2p 0.47.0 │ │ │ ├── libp2p-dns 0.35.0 │ │ │ │ └── libp2p 0.47.0 │ │ │ ├── libp2p-deflate 0.35.0 │ │ │ ├── libp2p-dcutr 0.5.0 │ │ │ ├── libp2p-autonat 0.6.0 │ │ │ ├── libp2p 0.47.0 │ │ │ └── keygen 0.1.0 │ │ ├── libp2p-request-response 0.20.0 │ │ ├── libp2p-rendezvous 0.8.0 │ │ ├── libp2p-relay 0.11.0 │ │ ├── libp2p-ping 0.38.0 │ │ ├── libp2p-metrics 0.8.0 │ │ ├── libp2p-mdns 0.39.0 │ │ ├── libp2p-kad 0.39.0 │ │ ├── libp2p-identify 0.38.0 │ │ ├── libp2p-gossipsub 0.40.0 │ │ ├── libp2p-floodsub 0.38.0 │ │ ├── libp2p-dcutr 0.5.0 │ │ ├── libp2p-autonat 0.6.0 │ │ └── libp2p 0.47.0 │ ├── libp2p-rendezvous 0.8.0 │ ├── libp2p-relay 0.11.0 │ ├── libp2p-metrics 0.8.0 │ ├── libp2p-mdns 0.39.0 │ ├── libp2p-identify 0.38.0 │ ├── libp2p-dcutr 0.5.0 │ └── libp2p-autonat 0.6.0 └── libp2p-gossipsub 0.40.0
https://github.com/RustSec/advisory-db.git
owning_ref
error: 1 vulnerability found!
<output>
Yes / No / Maybe.
The text was updated successfully, but these errors were encountered:
Thanks for reporting @fishseabowl. Let's move this to #2794.
Sorry, something went wrong.
No branches or pull requests
Summary
version: cargo-audit 0.16.0
Details:
%cargo audit
Fetching advisory database from
https://github.com/RustSec/advisory-db.gitLoaded 430 security advisories (from /Users/.cargo/advisory-db)
Updating crates.io index
Scanning Cargo.lock for vulnerabilities (392 crate dependencies)
Crate: owning_ref
Version: 0.4.1
Title: Multiple soundness issues in
owning_refDate: 2022-01-26
ID: RUSTSEC-2022-0040
URL: https://rustsec.org/advisories/RUSTSEC-2022-0040
Solution: No safe upgrade is available!
Dependency tree:
owning_ref 0.4.1
└── prometheus-client 0.17.0
├── libp2p-metrics 0.8.0
│ └── libp2p 0.47.0
│ ├── libp2p-swarm-derive 0.28.0
│ │ └── libp2p 0.47.0
│ ├── libp2p-swarm 0.38.0
│ │ ├── multistream-select 0.11.0
│ │ │ └── libp2p-core 0.35.0
│ │ │ ├── multistream-select 0.11.0
│ │ │ ├── libp2p-yamux 0.39.0
│ │ │ │ ├── libp2p-request-response 0.20.0
│ │ │ │ │ ├── libp2p-autonat 0.6.0
│ │ │ │ │ │ └── libp2p 0.47.0
│ │ │ │ │ └── libp2p 0.47.0
│ │ │ │ ├── libp2p-relay 0.11.0
│ │ │ │ │ ├── libp2p-metrics 0.8.0
│ │ │ │ │ ├── libp2p-dcutr 0.5.0
│ │ │ │ │ │ ├── libp2p-metrics 0.8.0
│ │ │ │ │ │ └── libp2p 0.47.0
│ │ │ │ │ └── libp2p 0.47.0
│ │ │ │ ├── libp2p-ping 0.38.0
│ │ │ │ │ ├── libp2p-relay 0.11.0
│ │ │ │ │ ├── libp2p-metrics 0.8.0
│ │ │ │ │ └── libp2p 0.47.0
│ │ │ │ ├── libp2p-kad 0.39.0
│ │ │ │ │ ├── libp2p-relay 0.11.0
│ │ │ │ │ ├── libp2p-metrics 0.8.0
│ │ │ │ │ └── libp2p 0.47.0
│ │ │ │ ├── libp2p-gossipsub 0.40.0
│ │ │ │ │ ├── libp2p-metrics 0.8.0
│ │ │ │ │ └── libp2p 0.47.0
│ │ │ │ ├── libp2p-dcutr 0.5.0
│ │ │ │ └── libp2p 0.47.0
│ │ │ ├── libp2p-websocket 0.37.0
│ │ │ │ └── libp2p 0.47.0
│ │ │ ├── libp2p-wasm-ext 0.35.0
│ │ │ │ └── libp2p 0.47.0
│ │ │ ├── libp2p-uds 0.34.0
│ │ │ │ └── libp2p 0.47.0
│ │ │ ├── libp2p-tcp 0.35.0
│ │ │ │ ├── libp2p-websocket 0.37.0
│ │ │ │ ├── libp2p-swarm 0.38.0
│ │ │ │ ├── libp2p-request-response 0.20.0
│ │ │ │ ├── libp2p-ping 0.38.0
│ │ │ │ ├── libp2p-noise 0.38.0
│ │ │ │ │ ├── libp2p-swarm 0.38.0
│ │ │ │ │ ├── libp2p-request-response 0.20.0
│ │ │ │ │ ├── libp2p-ping 0.38.0
│ │ │ │ │ ├── libp2p-kad 0.39.0
│ │ │ │ │ ├── libp2p-gossipsub 0.40.0
│ │ │ │ │ ├── libp2p-core 0.35.0
│ │ │ │ │ └── libp2p 0.47.0
│ │ │ │ ├── libp2p-mplex 0.35.0
│ │ │ │ │ ├── multistream-select 0.11.0
│ │ │ │ │ ├── libp2p-swarm 0.38.0
│ │ │ │ │ ├── libp2p-ping 0.38.0
│ │ │ │ │ ├── libp2p-gossipsub 0.40.0
│ │ │ │ │ ├── libp2p-core 0.35.0
│ │ │ │ │ └── libp2p 0.47.0
│ │ │ │ ├── libp2p-deflate 0.35.0
│ │ │ │ │ └── libp2p 0.47.0
│ │ │ │ ├── libp2p-core 0.35.0
│ │ │ │ └── libp2p 0.47.0
│ │ │ ├── libp2p-swarm 0.38.0
│ │ │ ├── libp2p-request-response 0.20.0
│ │ │ ├── libp2p-rendezvous 0.8.0
│ │ │ │ └── libp2p 0.47.0
│ │ │ ├── libp2p-relay 0.11.0
│ │ │ ├── libp2p-plaintext 0.35.0
│ │ │ │ ├── multistream-select 0.11.0
│ │ │ │ ├── libp2p-relay 0.11.0
│ │ │ │ ├── libp2p-mplex 0.35.0
│ │ │ │ ├── libp2p-gossipsub 0.40.0
│ │ │ │ ├── libp2p-dcutr 0.5.0
│ │ │ │ └── libp2p 0.47.0
│ │ │ ├── libp2p-ping 0.38.0
│ │ │ ├── libp2p-noise 0.38.0
│ │ │ ├── libp2p-mplex 0.35.0
│ │ │ ├── libp2p-metrics 0.8.0
│ │ │ ├── libp2p-mdns 0.39.0
│ │ │ │ └── libp2p 0.47.0
│ │ │ ├── libp2p-kad 0.39.0
│ │ │ ├── libp2p-identify 0.38.0
│ │ │ │ ├── libp2p-relay 0.11.0
│ │ │ │ ├── libp2p-metrics 0.8.0
│ │ │ │ ├── libp2p-dcutr 0.5.0
│ │ │ │ └── libp2p 0.47.0
│ │ │ ├── libp2p-gossipsub 0.40.0
│ │ │ ├── libp2p-floodsub 0.38.0
│ │ │ │ └── libp2p 0.47.0
│ │ │ ├── libp2p-dns 0.35.0
│ │ │ │ └── libp2p 0.47.0
│ │ │ ├── libp2p-deflate 0.35.0
│ │ │ ├── libp2p-dcutr 0.5.0
│ │ │ ├── libp2p-autonat 0.6.0
│ │ │ ├── libp2p 0.47.0
│ │ │ └── keygen 0.1.0
│ │ ├── libp2p-request-response 0.20.0
│ │ ├── libp2p-rendezvous 0.8.0
│ │ ├── libp2p-relay 0.11.0
│ │ ├── libp2p-ping 0.38.0
│ │ ├── libp2p-metrics 0.8.0
│ │ ├── libp2p-mdns 0.39.0
│ │ ├── libp2p-kad 0.39.0
│ │ ├── libp2p-identify 0.38.0
│ │ ├── libp2p-gossipsub 0.40.0
│ │ ├── libp2p-floodsub 0.38.0
│ │ ├── libp2p-dcutr 0.5.0
│ │ ├── libp2p-autonat 0.6.0
│ │ └── libp2p 0.47.0
│ ├── libp2p-rendezvous 0.8.0
│ ├── libp2p-relay 0.11.0
│ ├── libp2p-metrics 0.8.0
│ ├── libp2p-mdns 0.39.0
│ ├── libp2p-identify 0.38.0
│ ├── libp2p-dcutr 0.5.0
│ └── libp2p-autonat 0.6.0
└── libp2p-gossipsub 0.40.0
error: 1 vulnerability found!
Expected behaviour
Actual behaviour
Debug Output
Possible Solution
Version
0.47.0
Would you like to work on fixing this bug?
Yes / No / Maybe.
The text was updated successfully, but these errors were encountered: