We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Crate: eyre Version: 0.6.11 Title: Parts of Report are dropped as the wrong type during downcast Date: 2024-03-05 ID: RUSTSEC-2024-0021 URL: https://rustsec.org/advisories/RUSTSEC-2024-0021 Solution: Upgrade to >=0.6.12 Dependency tree: eyre 0.6.11 └── ethers-contract-abigen 2.0.12 ├── ethers-contract-derive 2.0.12 │ └── ethers-contract 2.0.11 │ ├── ethers-middleware 2.0.11 │ │ └── ethers 2.0.11 │ │ └── summa-solvency 0.1.0 │ └── ethers 2.0.11 └── ethers-contract 2.0.11
Crate: h2 Version: 0.3.24 Title: Degradation of service in h2 servers with CONTINUATION Flood Date: 2024-04-03 ID: RUSTSEC-2024-0332 URL: https://rustsec.org/advisories/RUSTSEC-2024-0332 Solution: Upgrade to ^0.3.26 OR >=0.4.4 Dependency tree: h2 0.3.24 ├── reqwest 0.11.23 │ ├── ethers-providers 2.0.11 │ │ ├── ethers-middleware 2.0.11 │ │ │ └── ethers 2.0.11 │ │ │ └── summa-solvency 0.1.0 │ │ ├── ethers-contract 2.0.11 │ │ │ ├── ethers-middleware 2.0.11 │ │ │ └── ethers 2.0.11 │ │ └── ethers 2.0.11 │ ├── ethers-middleware 2.0.11 │ └── ethers-etherscan 2.0.12 │ └── ethers 2.0.11 └── hyper 0.14.28 └── reqwest 0.11.23
Crate: mio Version: 0.8.10 Title: Tokens for named pipes may be delivered after deregistration Date: 2024-03-04 ID: RUSTSEC-2024-0019 URL: https://rustsec.org/advisories/RUSTSEC-2024-0019 Solution: Upgrade to >=0.8.11 Dependency tree: mio 0.8.10 └── tokio 1.35.1 ├── tokio-util 0.7.10 │ └── h2 0.3.24 │ ├── reqwest 0.11.23 │ │ ├── ethers-providers 2.0.11 │ │ │ ├── ethers-middleware 2.0.11 │ │ │ │ └── ethers 2.0.11 │ │ │ │ └── summa-solvency 0.1.0 │ │ │ ├── ethers-contract 2.0.11 │ │ │ │ ├── ethers-middleware 2.0.11 │ │ │ │ └── ethers 2.0.11 │ │ │ └── ethers 2.0.11 │ │ ├── ethers-middleware 2.0.11 │ │ └── ethers-etherscan 2.0.12 │ │ └── ethers 2.0.11 │ └── hyper 0.14.28 │ └── reqwest 0.11.23 ├── reqwest 0.11.23 ├── hyper 0.14.28 ├── h2 0.3.24 ├── ethers-solc 2.0.12 │ ├── ethers-etherscan 2.0.12 │ └── ethers 2.0.11 ├── ethers-providers 2.0.11 └── ethers-middleware 2.0.11
Crate: shlex Version: 1.2.0 Title: Multiple issues involving quote API Date: 2024-01-21 ID: RUSTSEC-2024-0006 URL: https://rustsec.org/advisories/RUSTSEC-2024-0006 Solution: Upgrade to >=1.3.0 Dependency tree: shlex 1.2.0 └── bindgen 0.66.1 └── c-kzg 0.1.1 ├── revm-primitives 1.3.0 │ ├── revm-precompile 2.2.0 │ │ └── revm 3.5.0 │ │ └── halo2_solidity_verifier 0.1.0 │ │ └── summa-solvency 0.1.0 │ └── revm-interpreter 1.3.0 │ └── revm 3.5.0 └── revm-precompile 2.2.0
Crate: serde_cbor Version: 0.11.2 Warning: unmaintained Title: serde_cbor is unmaintained Date: 2021-08-15 ID: RUSTSEC-2021-0127 URL: https://rustsec.org/advisories/RUSTSEC-2021-0127 Dependency tree: serde_cbor 0.11.2 └── criterion 0.3.6 └── summa-solvency 0.1.0
Crate: atty Version: 0.2.14 Warning: unsound Title: Potential unaligned read Date: 2021-07-04 ID: RUSTSEC-2021-0145 URL: https://rustsec.org/advisories/RUSTSEC-2021-0145 Dependency tree: atty 0.2.14 └── criterion 0.3.6 └── summa-solvency 0.1.0
Crate: const-cstr Version: 0.3.0 Warning: unsound Title: const-cstr is Unmaintained Date: 2023-03-12 ID: RUSTSEC-2023-0020 URL: https://rustsec.org/advisories/RUSTSEC-2023-0020 Dependency tree: const-cstr 0.3.0 └── yeslogic-fontconfig-sys 3.2.0 └── font-kit 0.11.0 └── plotters 0.3.5 ├── summa-solvency 0.1.0 ├── halo2_proofs 0.2.0 │ ├── summa-solvency 0.1.0 │ ├── halo2_solidity_verifier 0.1.0 │ │ └── summa-solvency 0.1.0 │ └── halo2_gadgets 0.2.0 │ └── summa-solvency 0.1.0 └── criterion 0.3.6 └── summa-solvency 0.1.0
Crate: iana-time-zone Version: 0.1.59 Warning: yanked Dependency tree: iana-time-zone 0.1.59 └── chrono 0.4.31 ├── plotters 0.3.5 │ ├── summa-solvency 0.1.0 │ ├── halo2_proofs 0.2.0 │ │ ├── summa-solvency 0.1.0 │ │ ├── halo2_solidity_verifier 0.1.0 │ │ │ └── summa-solvency 0.1.0 │ │ └── halo2_gadgets 0.2.0 │ │ └── summa-solvency 0.1.0 │ └── criterion 0.3.6 │ └── summa-solvency 0.1.0 ├── ethers-etherscan 2.0.12 │ └── ethers 2.0.11 │ └── summa-solvency 0.1.0 └── ethers-core 2.0.12 ├── ethers-solc 2.0.12 │ ├── ethers-etherscan 2.0.12 │ └── ethers 2.0.11 ├── ethers-signers 2.0.11 │ ├── ethers-middleware 2.0.11 │ │ └── ethers 2.0.11 │ └── ethers 2.0.11 ├── ethers-providers 2.0.11 │ ├── ethers-middleware 2.0.11 │ ├── ethers-contract 2.0.11 │ │ ├── ethers-middleware 2.0.11 │ │ └── ethers 2.0.11 │ └── ethers 2.0.11 ├── ethers-middleware 2.0.11 ├── ethers-etherscan 2.0.12 ├── ethers-contract-derive 2.0.12 │ └── ethers-contract 2.0.11 ├── ethers-contract-abigen 2.0.12 │ ├── ethers-contract-derive 2.0.12 │ └── ethers-contract 2.0.11 ├── ethers-contract 2.0.11 ├── ethers-addressbook 2.0.12 │ └── ethers 2.0.11 └── ethers 2.0.11
error: 4 vulnerabilities found! warning: 4 warnings found
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Security vulnerability analysis for dependencies of summa-solvency package
vulnerabilities results 4 errors and 4 warnings found as below :
Error # 1
Crate: eyre
Version: 0.6.11
Title: Parts of Report are dropped as the wrong type during downcast
Date: 2024-03-05
ID: RUSTSEC-2024-0021
URL: https://rustsec.org/advisories/RUSTSEC-2024-0021
Solution: Upgrade to >=0.6.12
Dependency tree:
eyre 0.6.11
└── ethers-contract-abigen 2.0.12
├── ethers-contract-derive 2.0.12
│ └── ethers-contract 2.0.11
│ ├── ethers-middleware 2.0.11
│ │ └── ethers 2.0.11
│ │ └── summa-solvency 0.1.0
│ └── ethers 2.0.11
└── ethers-contract 2.0.11
Error # 2
Crate: h2
Version: 0.3.24
Title: Degradation of service in h2 servers with CONTINUATION Flood
Date: 2024-04-03
ID: RUSTSEC-2024-0332
URL: https://rustsec.org/advisories/RUSTSEC-2024-0332
Solution: Upgrade to ^0.3.26 OR >=0.4.4
Dependency tree:
h2 0.3.24
├── reqwest 0.11.23
│ ├── ethers-providers 2.0.11
│ │ ├── ethers-middleware 2.0.11
│ │ │ └── ethers 2.0.11
│ │ │ └── summa-solvency 0.1.0
│ │ ├── ethers-contract 2.0.11
│ │ │ ├── ethers-middleware 2.0.11
│ │ │ └── ethers 2.0.11
│ │ └── ethers 2.0.11
│ ├── ethers-middleware 2.0.11
│ └── ethers-etherscan 2.0.12
│ └── ethers 2.0.11
└── hyper 0.14.28
└── reqwest 0.11.23
Error # 3
Crate: mio
Version: 0.8.10
Title: Tokens for named pipes may be delivered after deregistration
Date: 2024-03-04
ID: RUSTSEC-2024-0019
URL: https://rustsec.org/advisories/RUSTSEC-2024-0019
Solution: Upgrade to >=0.8.11
Dependency tree:
mio 0.8.10
└── tokio 1.35.1
├── tokio-util 0.7.10
│ └── h2 0.3.24
│ ├── reqwest 0.11.23
│ │ ├── ethers-providers 2.0.11
│ │ │ ├── ethers-middleware 2.0.11
│ │ │ │ └── ethers 2.0.11
│ │ │ │ └── summa-solvency 0.1.0
│ │ │ ├── ethers-contract 2.0.11
│ │ │ │ ├── ethers-middleware 2.0.11
│ │ │ │ └── ethers 2.0.11
│ │ │ └── ethers 2.0.11
│ │ ├── ethers-middleware 2.0.11
│ │ └── ethers-etherscan 2.0.12
│ │ └── ethers 2.0.11
│ └── hyper 0.14.28
│ └── reqwest 0.11.23
├── reqwest 0.11.23
├── hyper 0.14.28
├── h2 0.3.24
├── ethers-solc 2.0.12
│ ├── ethers-etherscan 2.0.12
│ └── ethers 2.0.11
├── ethers-providers 2.0.11
└── ethers-middleware 2.0.11
Error # 4
Crate: shlex
Version: 1.2.0
Title: Multiple issues involving quote API
Date: 2024-01-21
ID: RUSTSEC-2024-0006
URL: https://rustsec.org/advisories/RUSTSEC-2024-0006
Solution: Upgrade to >=1.3.0
Dependency tree:
shlex 1.2.0
└── bindgen 0.66.1
└── c-kzg 0.1.1
├── revm-primitives 1.3.0
│ ├── revm-precompile 2.2.0
│ │ └── revm 3.5.0
│ │ └── halo2_solidity_verifier 0.1.0
│ │ └── summa-solvency 0.1.0
│ └── revm-interpreter 1.3.0
│ └── revm 3.5.0
└── revm-precompile 2.2.0
Warning # 1
Crate: serde_cbor
Version: 0.11.2
Warning: unmaintained
Title: serde_cbor is unmaintained
Date: 2021-08-15
ID: RUSTSEC-2021-0127
URL: https://rustsec.org/advisories/RUSTSEC-2021-0127
Dependency tree:
serde_cbor 0.11.2
└── criterion 0.3.6
└── summa-solvency 0.1.0
Warning # 2
Crate: atty
Version: 0.2.14
Warning: unsound
Title: Potential unaligned read
Date: 2021-07-04
ID: RUSTSEC-2021-0145
URL: https://rustsec.org/advisories/RUSTSEC-2021-0145
Dependency tree:
atty 0.2.14
└── criterion 0.3.6
└── summa-solvency 0.1.0
Warning # 3
Crate: const-cstr
Version: 0.3.0
Warning: unsound
Title: const-cstr is Unmaintained
Date: 2023-03-12
ID: RUSTSEC-2023-0020
URL: https://rustsec.org/advisories/RUSTSEC-2023-0020
Dependency tree:
const-cstr 0.3.0
└── yeslogic-fontconfig-sys 3.2.0
└── font-kit 0.11.0
└── plotters 0.3.5
├── summa-solvency 0.1.0
├── halo2_proofs 0.2.0
│ ├── summa-solvency 0.1.0
│ ├── halo2_solidity_verifier 0.1.0
│ │ └── summa-solvency 0.1.0
│ └── halo2_gadgets 0.2.0
│ └── summa-solvency 0.1.0
└── criterion 0.3.6
└── summa-solvency 0.1.0
Warning # 4
Crate: iana-time-zone
Version: 0.1.59
Warning: yanked
Dependency tree:
iana-time-zone 0.1.59
└── chrono 0.4.31
├── plotters 0.3.5
│ ├── summa-solvency 0.1.0
│ ├── halo2_proofs 0.2.0
│ │ ├── summa-solvency 0.1.0
│ │ ├── halo2_solidity_verifier 0.1.0
│ │ │ └── summa-solvency 0.1.0
│ │ └── halo2_gadgets 0.2.0
│ │ └── summa-solvency 0.1.0
│ └── criterion 0.3.6
│ └── summa-solvency 0.1.0
├── ethers-etherscan 2.0.12
│ └── ethers 2.0.11
│ └── summa-solvency 0.1.0
└── ethers-core 2.0.12
├── ethers-solc 2.0.12
│ ├── ethers-etherscan 2.0.12
│ └── ethers 2.0.11
├── ethers-signers 2.0.11
│ ├── ethers-middleware 2.0.11
│ │ └── ethers 2.0.11
│ └── ethers 2.0.11
├── ethers-providers 2.0.11
│ ├── ethers-middleware 2.0.11
│ ├── ethers-contract 2.0.11
│ │ ├── ethers-middleware 2.0.11
│ │ └── ethers 2.0.11
│ └── ethers 2.0.11
├── ethers-middleware 2.0.11
├── ethers-etherscan 2.0.12
├── ethers-contract-derive 2.0.12
│ └── ethers-contract 2.0.11
├── ethers-contract-abigen 2.0.12
│ ├── ethers-contract-derive 2.0.12
│ └── ethers-contract 2.0.11
├── ethers-contract 2.0.11
├── ethers-addressbook 2.0.12
│ └── ethers 2.0.11
└── ethers 2.0.11
error: 4 vulnerabilities found!
warning: 4 warnings found
The text was updated successfully, but these errors were encountered: