In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade tokio
to version 1.43.1, 1.38.2, 1.44.2 or higher.
tokio is an An event-driven, non-blocking I/O platform for writing asynchronous I/O backed applications.
Affected versions of this package are vulnerable to Improper Control of a Resource Through its Lifetime due to the improper internal handling of the clone
operation on non-Sync
types within the broadcast channel. An attacker can exploit this behavior to cause unsoundness in the system by using types that are Send
but not Sync
.