Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1wN21qLXh2eGctZ3JmZs4AAyEy
`out_reference::Out::from_raw` should be `unsafe`
Out::from_raw in affected versions allows writing a value to invalid memory address without requiring unsafe.
The soundness issue has been addressed by making Out::from_raw an unsafe function.
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1wN21qLXh2eGctZ3JmZs4AAyEy
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: about 1 year ago
Updated: about 1 year ago
Identifiers: GHSA-p7mj-xvxg-grff
References:
- https://github.com/RustyYato/out-ref/issues/1
- https://rustsec.org/advisories/RUSTSEC-2021-0152.html
- https://github.com/advisories/GHSA-p7mj-xvxg-grff
Blast Radius: 1.0
Affected Packages
cargo:out-reference
Dependent packages: 0Dependent repositories: 0
Downloads: 1,372 total
Affected Version Ranges: >= 0.1.0, < 0.2.0
Fixed in: 0.2.0
All affected versions: 0.1.0, 0.1.1
All unaffected versions: 0.2.0