Update async-tungstenite to v0.23.0
#2013
This check has been archived and is scheduled for deletion.
Learn more about checks retention
GitHub Actions / Security audit
failed
Sep 26, 2023 in 0s
Security advisories found
1 advisories, 1 unmaintained
Details
Vulnerabilities
RUSTSEC-2023-0052
webpki: CPU denial of service in certificate path building
| Details | |
|---|---|
| Package | webpki |
| Version | 0.21.4 |
| Date | 2023-08-22 |
| Patched versions | >=0.22.1 |
When this crate is given a pathological certificate chain to validate, it will
spend CPU time exponential with the number of candidate certificates at each
step of path building.
Both TLS clients and TLS servers that accept client certificate are affected.
This was previously reported in
<briansmith/webpki#69> and re-reported recently
by Luke Malinowski.
Warnings
RUSTSEC-2021-0127
serde_cbor is unmaintained
| Details | |
|---|---|
| Status | unmaintained |
| Package | serde_cbor |
| Version | 0.11.2 |
| URL | https://github.com/pyfisch/cbor |
| Date | 2021-08-15 |
The serde_cbor crate is unmaintained. The author has archived the github repository.
Alternatives proposed by the author:
Loading