Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1yYzIzLXh4Z3EteDI3Z84AAu1Z
wee_alloc is Unmaintained
Two of the maintainers have indicated that the crate may not be maintained.
The crate has open issues including memory leaks and may not be suitable for production use.
It may be best to switch to the default Rust standard allocator on wasm32 targets.
Last release seems to have been three years ago.
Permalink: https://github.com/advisories/GHSA-rc23-xxgq-x27gJSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1yYzIzLXh4Z3EteDI3Z84AAu1Z
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Critical
Classification: General
Published: about 2 years ago
Updated: almost 2 years ago
Identifiers: GHSA-rc23-xxgq-x27g
References:
- https://github.com/rustwasm/wee_alloc/issues/107
- https://rustsec.org/advisories/RUSTSEC-2022-0054.html
- https://github.com/advisories/GHSA-rc23-xxgq-x27g
Blast Radius: 0.0
Affected Packages
cargo:wee_alloc
Dependent packages: 220Dependent repositories: 3,403
Downloads: 2,519,420 total
Affected Version Ranges: >= 0
No known fixed version
All affected versions: 0.1.0, 0.2.0, 0.3.0, 0.4.0, 0.4.1, 0.4.2, 0.4.3, 0.4.4, 0.4.5