RUSTSEC-2017-0006: rmpv: Unchecked vector pre-allocation

Description

Affected versions of this crate pre-allocate memory on deserializing raw buffers without checking whether there is sufficient data available.

This allows an attacker to do denial-of-service attacks by sending small msgpack messages that allocate gigabytes of memory.

More Info

https://github.com/3Hren/msgpack-rust/issues/151

Patched Versions