GHSA-J842-XGM4-WF88 MLX has Wild Pointer Dereference in load_gguf()

Summary Segmentation fault in mlx::core::loadgguf when loading malicious GGUF files. Untrusted pointer from external gguflib library is dereferenced without validation, causing application crash. Environment: - OS: Ubuntu 20.04.6 LTS - Compiler: Clang 19.1.7 Vulnerability Location: mlx/io/gguf.cp...

Deno 安全漏洞

Deno is open source a simple , modern and secure JavaScript and TypeScript runtime environment . It uses V8 and is built with Rust. A security vulnerability exists in Deno versions 1.36.2 through 1.40.3, which stems from an insecure const cvoid, ExternalPointer, which leads to reuse after release...

CVE-2024-27934 *const c_void / ExternalPointer unsoundness leading to use-after-free

Deno is a JavaScript, TypeScript, and WebAssembly runtime. Starting in version 1.36.2 and prior to version 1.40.3, use of inherently unsafe const cvoid and ExternalPointer leads to use-after-free access of the underlying structure, resulting in arbitrary code execution. Use of inherently unsafe...

PT-2024-22148 · Deno · Deno

Name of the Vulnerable Software and Affected Versions: Deno versions 1.36.2 through 1.40.3 Description: The issue arises from the use of inherently unsafe const c void and ExternalPointer which leads to use-after-free access of the underlying structure, resulting in arbitrary code execution. An...