5 matches found
CVE-2023-42447
blurhash-rs is a pure Rust implementation of Blurhash, software for encoding images into ASCII strings that can be turned into a gradient of colors representing the original image. In version 0.1.1, the blurhash parsing code may panic due to multiple panic-guarded out-of-bounds accesses on...
blurhash-cli (>=0.1.0 <=0.1.1), yozuk-core-skillset (>=0.16.3 <=0.22.11) +1 more potentially affected by CVE-2023-42447 via blurhash (=0.1.1)
blurhash CARGO version =0.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on blurhash and may be impacted: - blurhash-cli =0.1.0, =0.16.3, =0.16.0, =0.22.11 Source cves: CVE-2023-42447 Source advisory: OSV:GHSA-CXVP-82CQ-57H2...
CVE-2023-42447 blurhash panics on parsing crafted inputs
blurhash-rs is a pure Rust implementation of Blurhash, software for encoding images into ASCII strings that can be turned into a gradient of colors representing the original image. In version 0.1.1, the blurhash parsing code may panic due to multiple panic-guarded out-of-bounds accesses on...
CVE-2023-42447 blurhash panics on parsing crafted inputs
blurhash-rs is a pure Rust implementation of Blurhash, software for encoding images into ASCII strings that can be turned into a gradient of colors representing the original image. In version 0.1.1, the blurhash parsing code may panic due to multiple panic-guarded out-of-bounds accesses on...
CVE-2023-42447
CVE-2023-42447 affects blurhash-rs, a Rust implementation of Blurhash. The vulnerability arises in the 0.1.1 parsing code, which may panic due to multiple panic-guarded out-of-bounds accesses on untrusted input (including UTF-8 multi-byte characters) fed over the network. In practice, this could ...