This project contains known security vulnerabilities #1254

New Issue

Closed

opened 2026-02-05 00:23:45 +03:00 by OVERLORD · 1 comment

OVERLORD commented 2026-02-05 00:23:45 +03:00

Owner

Copy Link

Originally created by @euDominic on GitHub (Apr 19, 2022).

This project contains known security vulnerabilities
https://deps.rs/repo/github/dani-garcia/vaultwarden
Dependencies
(50 total, 4 outdated, 1 insecure)

Originally created by @euDominic on GitHub (Apr 19, 2022). This project contains known security vulnerabilities https://deps.rs/repo/github/dani-garcia/vaultwarden Dependencies (50 total, 4 outdated, 1 insecure)

OVERLORD closed this issue 2026-02-05 00:23:47 +03:00

OVERLORD commented 2026-02-05 00:23:54 +03:00

Author

Owner

Copy Link

@BlackDex commented on GitHub (Apr 19, 2022):

Yea, which we can't resolve.
Chrono is currently having some development done to try and resolve that issue.
Also, it could be unsound to use, it isn't something very trivial i think.

And regarding the others, we can't update some of them since we need to wait for some other packages to be updated first since they are dependent on each other.

Since we always try to use the latest versions of the crates available i do not think this issue should be kept open.

I already have a local testing version with some of the updated crates and all works fine.
As I'm also working on some other optimizations it is probably better to try and merge them all together.

But, thanks for the reminder.

@BlackDex commented on GitHub (Apr 19, 2022): Yea, which we can't resolve. Chrono is currently having some development done to try and resolve that issue. Also, it could be unsound to use, it isn't something very trivial i think. And regarding the others, we can't update some of them since we need to wait for some other packages to be updated first since they are dependent on each other. Since we always try to use the latest versions of the crates available i do not think this issue should be kept open. I already have a local testing version with some of the updated crates and all works fine. As I'm also working on some other optimizations it is probably better to try and merge them all together. But, thanks for the reminder.

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

cached-config-operations

test_dylint

1.35.2

1.35.1

1.35.0

1.34.3

1.34.2

1.34.1

1.34.0

1.33.2

1.33.1

1.33.0

1.32.7

1.32.6

1.32.5

1.32.4

1.32.3

1.32.2

1.32.1

1.32.0

1.31.0

1.30.5

1.30.4

1.30.3

1.30.2

1.30.1

1.30.0

1.29.2

1.29.1

1.29.0

1.28.1

1.28.0

1.27.0

1.26.0

1.25.2

1.25.1

1.25.0

1.24.0

1.23.1

1.23.0

1.22.2

1.22.1

1.22.0

1.21.0

1.20.0

1.19.0

1.18.0

1.17.0

1.16.3

1.16.2

1.16.1

1.16.0

1.15.1

1.15.0

1.14.2

1.14.1

1.14

1.13.1

1.13.0

1.12.0

1.11.0

1.10.0

1.9.1

1.9.0

1.8.0

1.7.0

1.6.1

1.6.0

1.5.0

1.4.0

1.3.0

1.2.0

1.1.0

1.0.0

0.13.0

0.12.0

0.11.0

0.10.0

0.9.0

Labels

Clear labels

SSO

Third party

better for forum

bug

bug

documentation

duplicate

enhancement

future Vault

future Vault

future Vault

good first issue

help wanted

low priority

notes

pull-request

Mirrored from GitHub Pull Request

question

troubleshooting

wontfix

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

OVERLORD

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: starred/vaultwarden#1254