GHSA-WWXP-HXH6-8GF8 binary_vec_io access memory out-of-bounds in binary_read_to_ref and binary_write_from_ref

Safe functions accept a single &T or &mut T but multiply by n to create slices extending beyond allocated memory when n 1. These functions use fromrawparts to create slices larger than the underlying allocation, violating memory safety. The binaryvecio repository is archived and unmaintained...

mirror_sparse_matrix (>=0.1.1 <=0.1.17) potentially affected by unknown CVE via binary_vec_io (=0.1.12)

binaryvecio CARGO version =0.1.12 is affected by a known vulnerability. The following packages have a transitive dependency on binaryvecio and may be impacted: - mirrorsparsematrix =0.1.1, =0.1.17 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0109...