Open Ebert-Hanke opened 3 months ago
Running cargo-audit yields the following two security warnings:
Crate: gix-fs Version: 0.8.1 Title: Traversal outside working tree enables arbitrary code execution Date: 2024-05-22 ID: RUSTSEC-2024-0350 URL: https://rustsec.org/advisories/RUSTSEC-2024-0350 Severity: 8.8 (high) Solution: Upgrade to >=0.11.0
Crate: gix-ref Version: 0.38.0 Title: Refs and paths with reserved Windows device names access the devices Date: 2024-05-22 ID: RUSTSEC-2024-0351 URL: https://rustsec.org/advisories/RUSTSEC-2024-0351 Severity: 5.4 (medium) Solution: Upgrade to >=0.44.0
Both seem to be dependencies of the used crate watchexec-filterer-globset which is currently used at version 3.0.
3.0
If upgrading it to current version of 4.0 is possible, this should fix both security warnings.
4.0
Running cargo-audit yields the following two security warnings:
Both seem to be dependencies of the used crate watchexec-filterer-globset which is currently used at version
3.0.If upgrading it to current version of
4.0is possible, this should fix both security warnings.