Uri-the-Padawan / 0303

0 stars 0 forks source link

Medium Risk Material Change - Dependency severity is now medium + 1 more #1145

Open urikalma opened 3 months ago

urikalma commented 3 months ago

Overall dependency risk changed:

Package risk is now Critical

Due to vulnerabilities: GHSA-pqqp-xmhj-wgcw,CVE-2021-32810

Package name: crossbeam-deque, version: 0.7.3

View in Apiiro

Package risk is now Critical

Due to vulnerabilities: GHSA-pqqp-xmhj-wgcw,CVE-2021-32810

Package name: crossbeam-deque, version: 0.7.3

View in Apiiro

Package risk is now Critical

Due to vulnerabilities: GHSA-43w2-9j62-hq99,CVE-2021-25900

Package name: smallvec, version: 0.6.13

View in Apiiro

Package risk is now Critical

Due to vulnerabilities: GHSA-43w2-9j62-hq99,CVE-2021-25900

Package name: smallvec, version: 0.6.13

View in Apiiro

Package risk is now High

Due to vulnerability: GHSA-f67m-9j94-qv9j

Package name: hyper, version: 0.9.18

View in Apiiro

Package risk is now High

Due to vulnerabilities: GHSA-vjrq-cg9x-rfjp,CVE-2017-18589

Package name: cookie, version: 0.2.5

View in Apiiro

Package risk is now High

Due to vulnerabilities: GHSA-qc84-gqf4-9926,CVE-2022-23639

Package name: crossbeam-utils, version: 0.7.2

View in Apiiro

Package risk is now High

Due to vulnerabilities: GHSA-m5pq-gvj9-9vr8,CVE-2022-24713

Package name: regex, version: 0.1.80

View in Apiiro

Package risk is now High

Due to vulnerability: GHSA-9hpw-r23r-xgm5

Package name: thread_local, version: 0.2.7

View in Apiiro

Package risk is now High

Due to vulnerabilities: GHSA-fg7r-2g4j-5cgr,CVE-2021-45710

Package name: tokio, version: 0.1.22

View in Apiiro

Package risk is now Medium

Due to vulnerabilities: GHSA-6hfq-h8hq-87mf,CVE-2021-21299

Package name: hyper, version: 0.12.35

View in Apiiro

Affected repository: 0303

Provided by Dependabot