Closed jqnatividad closed 1 year ago
Hi @probablykasper , running cargo audit returns:
Crate: rustc-serialize Version: 0.3.24 Title: Stack overflow in rustc_serialize when parsing deeply nested JSON Date: 2022-01-01 ID: RUSTSEC-2022-0004 URL: https://rustsec.org/advisories/RUSTSEC-2022-0004 Solution: No fixed upgrade is available! Dependency tree: rustc-serialize 0.3.24 └── decimal 2.1.0 └── cpc 1.8.0
error: 1 vulnerability found!
Any chance an alternative library for decimal can be used?
I don't think there are any alternatives for decimal that meet the same requirements. But I don't think JSON parsing is ever done with cpc anyway?
Hi @probablykasper , running cargo audit returns:
Crate: rustc-serialize Version: 0.3.24 Title: Stack overflow in rustc_serialize when parsing deeply nested JSON Date: 2022-01-01 ID: RUSTSEC-2022-0004 URL: https://rustsec.org/advisories/RUSTSEC-2022-0004 Solution: No fixed upgrade is available! Dependency tree: rustc-serialize 0.3.24 └── decimal 2.1.0 └── cpc 1.8.0
error: 1 vulnerability found!
Any chance an alternative library for decimal can be used?