This repository has been archived by the owner on Jul 24, 2024. It is now read-only.

Bump cargo deps (CVE-2022-23639) #327

Open

dmadisetti opened this issue Mar 16, 2024 · 1 comment

Labels

enhancement needs triage

dmadisetti commented Mar 16, 2024

I've been getting alerts about security issues in crossbeam for years: https://nvd.nist.gov/vuln/detail/CVE-2022-23639

Can we just bump all the deps?

dmadisetti added enhancement needs triage labels

Member

zimbatm commented Mar 17, 2024

Looking at the CVE, it doesn't seem to be a practical exploit for this project. But be my guest, happy to get PRs.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.