mach is unmaintained

Last release was almost 4 years ago. Maintainers seem to be completely unreachable. Possible Alternatives These may or may not be suitable alternatives and have not been vetted in any way; - mach2 - direct fork...

RUSTSEC-2020-0168 mach is unmaintained

Last release was almost 4 years ago. Maintainers seem to be completely unreachable. Possible Alternatives These may or may not be suitable alternatives and have not been vetted in any way; - mach2 - direct fork...

bigint is unmaintained, use uint instead

The bigint crate is not maintained any more and contains several known bugs including a soundness bug; use uint instead...

RUSTSEC-2020-0025 bigint is unmaintained, use uint instead

The bigint crate is not maintained any more and contains several known bugs including a soundness bug; use uint instead...

RUSTSEC-2020-0056 stdweb is unmaintained

The author of the stdweb crate is unresponsive. Maintained alternatives: - wasm-bindgen - js-sys - web-sys...

failure is officially deprecated/unmaintained

The failure crate is officially end-of-life: it has been marked as deprecated by the former maintainer, who has announced that there will be no updates or maintenance work on it going forward. The following are some suggested actively developed alternatives to switch to: - anyhow - eyre - fehler ...

PYSEC-2020-40

An issue was discovered in drf-jwt 1.15.x before 1.15.1. It allows attackers with access to a notionally invalidated token to obtain a new, working token via the refresh endpoint, because the blacklist protection mechanism is incompatible with the token-refresh feature. NOTE: drf-jwt is a fork of...

tiberius is unmaintained

The author of tiberius has archived the GitHub repository and left the following note: I do not have the time to overhaul the library and do not intend to further maintain the 0.3 version relying on the old futures ecosystem. Suggested alternatives are: - odbc - sqlx forthcoming...

GHSA-MXHP-79QH-MCX6 TaffyDB can allow access to any data items in the DB

TaffyDB allows attackers to forge adding additional properties into user-input processed by taffy which can allow access to any data items in the DB. Taffy sets an internal index for each data item in its DB. However, it is found that the internal index can be forged by adding additional properti...

rulinalg is unmaintained, use nalgebra instead

The rulinalg crate is no longer maintained, use nalgebra instead...

RUSTSEC-2020-0147 rulinalg is unmaintained, use nalgebra instead

The rulinalg crate is no longer maintained, use nalgebra instead...

lzw is unmaintained

The author of the lzw crate is unresponsive. Maintained alternatives: - weezl...

slice-deque is unmaintained

The author of the slice-deque crate is unresponsive and is not receiving security patches. Maintained alternatives: - slice-ring-buffer...

RUSTSEC-2020-0158 slice-deque is unmaintained

The author of the slice-deque crate is unresponsive and is not receiving security patches. Maintained alternatives: - slice-ring-buffer...

RUSTSEC-2020-0144 lzw is unmaintained

The author of the lzw crate is unresponsive. Maintained alternatives: - weezl...

multi_mut is Unmaintained

Last release was about 6 years ago. There is an outstanding soundness issue. The maintainer has not responded for two years to the existing soundness issue. Rust compiler has enabled errors relating to LLVM noalias rules and may not compile anymore where as the old compiler versions had turned...

RUSTSEC-2020-0169 multi_mut is Unmaintained

Last release was about 6 years ago. There is an outstanding soundness issue. The maintainer has not responded for two years to the existing soundness issue. Rust compiler has enabled errors relating to LLVM noalias rules and may not compile anymore where as the old compiler versions had turned...

`tokio-proto` is deprecated/unmaintained

The tokio-proto crate has been deprecated, and its GitHub repository has been archived. Users may be interested in tokio-tower instead, per https://github.com/tokio-rs/tokio/issues/118issuecomment-452969665...

RUSTSEC-2020-0162 `tokio-proto` is deprecated/unmaintained

The tokio-proto crate has been deprecated, and its GitHub repository has been archived. Users may be interested in tokio-tower instead, per https://github.com/tokio-rs/tokio/issues/118issuecomment-452969665...

rust_sodium is unmaintained; switch to a modern alternative

The rustsodium crate is no longer maintained by its current owner, who advise in the repository readme that they are looking for someone else to take ownership of it. We recommend you switch to an alternative crate such as: - sodiumoxide...