      Loaded 401 security advisories (from /usr/share/cargo-audit-advisory-db/)
warning: couldn't open crates.io index: registry: crates.io registry has not been fetched yet
    Scanning Cargo.lock for vulnerabilities (365 crate dependencies)
Crate:         chrono
Version:       0.4.19
Title:         Potential segfault in `localtime_r` invocations
Date:          2020-11-10
ID:            RUSTSEC-2020-0159
URL:           https://rustsec.org/advisories/RUSTSEC-2020-0159
Solution:      No safe upgrade is available!
Dependency tree: 
chrono 0.4.19
├── tera 1.7.1
│   └── tokei 12.1.2
│       └── cargo-crev 0.19.4
├── crev-wot 0.19.1
│   ├── crev-lib 0.19.4
│   │   └── cargo-crev 0.19.4
│   └── cargo-crev 0.19.4
├── crev-lib 0.19.4
├── crev-data 0.19.2
│   ├── crev-wot 0.19.1
│   ├── crev-lib 0.19.4
│   └── cargo-crev 0.19.4
├── crev-common 0.19.1
│   ├── crevsum 0.3.1
│   ├── crev-wot 0.19.1
│   ├── crev-lib 0.19.4
│   ├── crev-data 0.19.2
│   └── cargo-crev 0.19.4
├── crates_io_api 0.7.0
│   └── cargo-crev 0.19.4
├── chrono-tz 0.5.3
│   └── tera 1.7.1
└── cargo-crev 0.19.4

Crate:         crossbeam-deque
Version:       0.7.3
Title:         Data race in crossbeam-deque
Date:          2021-07-30
ID:            RUSTSEC-2021-0093
URL:           https://rustsec.org/advisories/RUSTSEC-2021-0093
Solution:      Upgrade to >=0.7.4, <0.8.0 OR >=0.8.1
Dependency tree: 
crossbeam-deque 0.7.3

Crate:         crossbeam-deque
Version:       0.8.0
Title:         Data race in crossbeam-deque
Date:          2021-07-30
ID:            RUSTSEC-2021-0093
URL:           https://rustsec.org/advisories/RUSTSEC-2021-0093
Solution:      Upgrade to >=0.7.4, <0.8.0 OR >=0.8.1
Dependency tree: 
crossbeam-deque 0.8.0

Crate:         hyper
Version:       0.14.5
Title:         Lenient `hyper` header parsing of `Content-Length` could allow request smuggling
Date:          2021-07-07
ID:            RUSTSEC-2021-0078
URL:           https://rustsec.org/advisories/RUSTSEC-2021-0078
Solution:      Upgrade to >=0.14.10
Dependency tree: 
hyper 0.14.5
├── reqwest 0.11.3
│   └── crates_io_api 0.7.0
│       └── cargo-crev 0.19.4
└── hyper-tls 0.5.0
    └── reqwest 0.11.3

Crate:         hyper
Version:       0.14.5
Title:         Integer overflow in `hyper`'s parsing of the `Transfer-Encoding` header leads to data loss
Date:          2021-07-07
ID:            RUSTSEC-2021-0079
URL:           https://rustsec.org/advisories/RUSTSEC-2021-0079
Solution:      Upgrade to >=0.14.10

Crate:         openssl-src
Version:       111.15.0+1.1.1k
Title:         SM2 Decryption Buffer Overflow
Date:          2021-08-24
ID:            RUSTSEC-2021-0097
URL:           https://rustsec.org/advisories/RUSTSEC-2021-0097
Solution:      Upgrade to >=111.16
Dependency tree: 
openssl-src 111.15.0+1.1.1k
└── openssl-sys 0.9.61
    ├── openssl 0.10.33
    │   ├── native-tls 0.2.7
    │   │   ├── tokio-native-tls 0.3.0
    │   │   │   ├── reqwest 0.11.3
    │   │   │   │   └── crates_io_api 0.7.0
    │   │   │   │       └── cargo-crev 0.19.4
    │   │   │   └── hyper-tls 0.5.0
    │   │   │       └── reqwest 0.11.3
    │   │   ├── reqwest 0.11.3
    │   │   └── hyper-tls 0.5.0
    │   └── crypto-hash 0.3.4
    │       └── cargo 0.52.0
    │           └── cargo-crev 0.19.4
    ├── native-tls 0.2.7
    ├── libssh2-sys 0.2.21
    │   └── libgit2-sys 0.12.19+1.1.0
    │       ├── git2 0.13.18
    │       │   ├── git2-curl 0.14.1
    │       │   │   └── cargo 0.52.0
    │       │   ├── crev-lib 0.19.4
    │       │   │   └── cargo-crev 0.19.4
    │       │   ├── cargo-crev 0.19.4
    │       │   └── cargo 0.52.0
    │       └── cargo 0.52.0
    ├── libgit2-sys 0.12.19+1.1.0
    ├── git2 0.13.18
    ├── curl-sys 0.4.42+curl-7.76.0
    │   ├── curl 0.4.36
    │   │   ├── git2-curl 0.14.1
    │   │   ├── crates-io 0.33.0
    │   │   │   └── cargo 0.52.0
    │   │   └── cargo 0.52.0
    │   └── cargo 0.52.0
    ├── curl 0.4.36
    └── cargo-crev 0.19.4

Crate:         openssl-src
Version:       111.15.0+1.1.1k
Title:         Read buffer overruns processing ASN.1 strings
Date:          2021-08-24
ID:            RUSTSEC-2021-0098
URL:           https://rustsec.org/advisories/RUSTSEC-2021-0098
Solution:      Upgrade to >=111.16

Crate:         regex
Version:       1.4.5
Title:         Regexes with large repetitions on empty sub-expressions take a very long time to parse
Date:          2022-03-08
ID:            RUSTSEC-2022-0013
URL:           https://rustsec.org/advisories/RUSTSEC-2022-0013
Solution:      Upgrade to >=1.5.5
Dependency tree: 
regex 1.4.5
├── tokei 12.1.2
│   └── cargo-crev 0.19.4
├── tera 1.7.1
│   └── tokei 12.1.2
├── parse-zoneinfo 0.3.0
│   └── chrono-tz 0.5.3
│       └── tera 1.7.1
├── ignore 0.4.17
│   ├── tokei 12.1.2
│   ├── globwalk 0.8.1
│   │   └── tera 1.7.1
│   └── cargo 0.52.0
│       └── cargo-crev 0.19.4
├── globset 0.4.6
│   └── ignore 0.4.17
└── env_logger 0.8.3
    ├── tokei 12.1.2
    ├── cargo-crev 0.19.4
    └── cargo 0.52.0

Crate:         tar
Version:       0.4.33
Title:         Links in archive can create arbitrary directories
Date:          2021-07-19
ID:            RUSTSEC-2021-0080
URL:           https://rustsec.org/advisories/RUSTSEC-2021-0080
Solution:      Upgrade to >=0.4.36
Dependency tree: 
tar 0.4.33
└── cargo 0.52.0
    └── cargo-crev 0.19.4

Crate:         thread_local
Version:       1.1.3
Title:         Data race in `Iter` and `IterMut`
Date:          2022-01-23
ID:            RUSTSEC-2022-0006
URL:           https://rustsec.org/advisories/RUSTSEC-2022-0006
Solution:      Upgrade to >=1.1.4
Dependency tree: 
thread_local 1.1.3
└── ignore 0.4.17
    ├── tokei 12.1.2
    │   └── cargo-crev 0.19.4
    ├── globwalk 0.8.1
    │   └── tera 1.7.1
    │       └── tokei 12.1.2
    └── cargo 0.52.0
        └── cargo-crev 0.19.4

Crate:         time
Version:       0.1.44
Title:         Potential segfault in the time crate
Date:          2020-11-18
ID:            RUSTSEC-2020-0071
URL:           https://rustsec.org/advisories/RUSTSEC-2020-0071
Solution:      Upgrade to >=0.2.23
Dependency tree: 
time 0.1.44

Crate:         tokio
Version:       1.5.0
Title:         Data race when sending and receiving after closing a `oneshot` channel
Date:          2021-11-16
ID:            RUSTSEC-2021-0124
URL:           https://rustsec.org/advisories/RUSTSEC-2021-0124
Solution:      Upgrade to >=1.8.4, <1.9.0 OR >=1.13.1
Dependency tree: 
tokio 1.5.0
├── tokio-util 0.6.6
│   └── h2 0.3.2
│       └── hyper 0.14.5
│           ├── reqwest 0.11.3
│           │   └── crates_io_api 0.7.0
│           │       └── cargo-crev 0.19.4
│           └── hyper-tls 0.5.0
│               └── reqwest 0.11.3
├── tokio-native-tls 0.3.0
│   ├── reqwest 0.11.3
│   └── hyper-tls 0.5.0
├── reqwest 0.11.3
├── hyper-tls 0.5.0
├── hyper 0.14.5
├── h2 0.3.2
└── crates_io_api 0.7.0

Crate:         tokio
Version:       1.5.0
Title:         Task dropped in wrong thread when aborting `LocalSet` task
Date:          2021-07-07
ID:            RUSTSEC-2021-0072
URL:           https://rustsec.org/advisories/RUSTSEC-2021-0072
Solution:      Upgrade to >=1.5.1, <1.6.0 OR >=1.6.3, <1.7.0 OR >=1.7.2, <1.8.0 OR >=1.8.1

Crate:         zeroize_derive
Version:       1.1.0
Title:         `#[zeroize(drop)]` doesn't implement `Drop` for `enum`s
Date:          2021-09-24
ID:            RUSTSEC-2021-0115
URL:           https://rustsec.org/advisories/RUSTSEC-2021-0115
Solution:      Upgrade to >=1.1.1
Dependency tree: 
zeroize_derive 1.1.0
└── zeroize 1.3.0
    ├── ed25519-dalek 1.0.1
    │   └── crev-data 0.19.2
    │       ├── crev-wot 0.19.1
    │       │   ├── crev-lib 0.19.4
    │       │   │   └── cargo-crev 0.19.4
    │       │   └── cargo-crev 0.19.4
    │       ├── crev-lib 0.19.4
    │       └── cargo-crev 0.19.4
    ├── curve25519-dalek 3.1.0
    │   └── ed25519-dalek 1.0.1
    └── aes-siv 0.2.0
        └── miscreant 0.5.2
            └── crev-lib 0.19.4

Crate:         aes-soft
Version:       0.3.3
Warning:       unmaintained
Title:         `aes-soft` has been merged into the `aes` crate
Date:          2021-04-29
ID:            RUSTSEC-2021-0060
URL:           https://rustsec.org/advisories/RUSTSEC-2021-0060
Dependency tree: 
aes-soft 0.3.3
└── aes 0.3.2
    ├── miscreant 0.5.2
    │   └── crev-lib 0.19.4
    │       └── cargo-crev 0.19.4
    └── aes-siv 0.2.0
        └── miscreant 0.5.2

Crate:         aesni
Version:       0.6.0
Warning:       unmaintained
Title:         `aesni` has been merged into the `aes` crate
Date:          2021-04-29
ID:            RUSTSEC-2021-0059
URL:           https://rustsec.org/advisories/RUSTSEC-2021-0059
Dependency tree: 
aesni 0.6.0
└── aes 0.3.2
    ├── miscreant 0.5.2
    │   └── crev-lib 0.19.4
    │       └── cargo-crev 0.19.4
    └── aes-siv 0.2.0
        └── miscreant 0.5.2

Crate:         block-cipher-trait
Version:       0.6.2
Warning:       unmaintained
Title:         crate has been renamed to `block-cipher`
Date:          2020-05-26
ID:            RUSTSEC-2020-0018
URL:           https://rustsec.org/advisories/RUSTSEC-2020-0018
Dependency tree: 
block-cipher-trait 0.6.2
├── pmac 0.2.0
│   ├── miscreant 0.5.2
│   │   └── crev-lib 0.19.4
│   │       └── cargo-crev 0.19.4
│   └── aes-siv 0.2.0
│       └── miscreant 0.5.2
├── ctr 0.3.2
│   ├── miscreant 0.5.2
│   └── aes-siv 0.2.0
├── cmac 0.2.0
│   ├── miscreant 0.5.2
│   └── aes-siv 0.2.0
├── aesni 0.6.0
│   └── aes 0.3.2
│       ├── miscreant 0.5.2
│       └── aes-siv 0.2.0
├── aes-soft 0.3.3
│   └── aes 0.3.2
└── aes 0.3.2

Crate:         cpuid-bool
Version:       0.1.2
Warning:       unmaintained
Title:         `cpuid-bool` has been renamed to `cpufeatures`
Date:          2021-05-06
ID:            RUSTSEC-2021-0064
URL:           https://rustsec.org/advisories/RUSTSEC-2021-0064
Dependency tree: 
cpuid-bool 0.1.2
└── sha2 0.9.3
    └── ed25519-dalek 1.0.1
        └── crev-data 0.19.2
            ├── crev-wot 0.19.1
            │   ├── crev-lib 0.19.4
            │   │   └── cargo-crev 0.19.4
            │   └── cargo-crev 0.19.4
            ├── crev-lib 0.19.4
            └── cargo-crev 0.19.4

Crate:         failure
Version:       0.1.8
Warning:       unmaintained
Title:         failure is officially deprecated/unmaintained
Date:          2020-05-02
ID:            RUSTSEC-2020-0036
URL:           https://rustsec.org/advisories/RUSTSEC-2020-0036
Dependency tree: 
failure 0.1.8
├── crev-recursive-digest 0.2.1
├── common_failures 0.1.1
│   └── crevsum 0.3.1
└── cargo-crev 0.19.4

Crate:         memmap
Version:       0.7.0
Warning:       unmaintained
Title:         memmap is unmaintained
Date:          2020-12-02
ID:            RUSTSEC-2020-0077
URL:           https://rustsec.org/advisories/RUSTSEC-2020-0077
Dependency tree: 
memmap 0.7.0
└── grep-searcher 0.1.7
    └── tokei 12.1.2
        └── cargo-crev 0.19.4

Crate:         miscreant
Version:       0.5.2
Warning:       unmaintained
Title:         project abandoned; migrate to the `aes-siv` crate
Date:          2021-02-28
ID:            RUSTSEC-2021-0062
URL:           https://rustsec.org/advisories/RUSTSEC-2021-0062
Dependency tree: 
miscreant 0.5.2
└── crev-lib 0.19.4
    └── cargo-crev 0.19.4

Crate:         serde_cbor
Version:       0.11.1
Warning:       unmaintained
Title:         serde_cbor is unmaintained
Date:          2021-08-15
ID:            RUSTSEC-2021-0127
URL:           https://rustsec.org/advisories/RUSTSEC-2021-0127
Dependency tree: 
serde_cbor 0.11.1
└── crev-lib 0.19.4
    └── cargo-crev 0.19.4

Crate:         stdweb
Version:       0.4.20
Warning:       unmaintained
Title:         stdweb is unmaintained
Date:          2020-05-04
ID:            RUSTSEC-2020-0056
URL:           https://rustsec.org/advisories/RUSTSEC-2020-0056
Dependency tree: 
stdweb 0.4.20
└── time 0.2.26

Crate:         stream-cipher
Version:       0.3.2
Warning:       unmaintained
Title:         crate has been renamed to `cipher`
Date:          2020-10-15
ID:            RUSTSEC-2020-0058
URL:           https://rustsec.org/advisories/RUSTSEC-2020-0058
Dependency tree: 
stream-cipher 0.3.2
├── miscreant 0.5.2
│   └── crev-lib 0.19.4
│       └── cargo-crev 0.19.4
├── ctr 0.3.2
│   ├── miscreant 0.5.2
│   └── aes-siv 0.2.0
│       └── miscreant 0.5.2
└── aes-siv 0.2.0

Crate:         term
Version:       0.6.1
Warning:       unmaintained
Title:         term is looking for a new maintainer
Date:          2018-11-19
ID:            RUSTSEC-2018-0015
URL:           https://rustsec.org/advisories/RUSTSEC-2018-0015
Dependency tree: 
term 0.6.1
└── cargo-crev 0.19.4

warning: 11 allowed warnings found
