3 matches found
orx-concurrent-bag (>=1.0.0 <=1.16.0), orx-concurrent-iter (>=1.0.0 <=1.22.1) +9 more potentially affected by unknown CVE via orx-pinned-vec (>=0.1.1 <=2.12.0)
orx-pinned-vec CARGO version =0.1.1, =1.0.0, =1.0.0, =1.0.0, =0.1.0, =0.1.0, =0.6.0, =0.1.0, =1.0.0, =1.0.0, =1.0.0, =0.6.0, =2.14.0 Source cves: unknown CVE Source advisory: OSV:GHSA-H5J3-CRG5-8JQM...
orx-pinned-vec has undefined behavior in index_of_ptr with empty slices
The safe function indexofptr causes undefined behavior when called with an empty slice. The issue occurs in the line ptr.addslice.len - 1 which underflows when slice.len is 0, creating a pointer with a massive offset. According to Rust's safety rules, creating such a pointer causes immediate...
orx-concurrent-bag (>=1.0.0 <=1.16.0), orx-concurrent-iter (>=1.0.0 <=1.22.1) +9 more potentially affected by unknown CVE via orx-pinned-vec (>=0.1.1 <=2.12.0)
orx-pinned-vec CARGO version =0.1.1, =1.0.0, =1.0.0, =1.0.0, =0.1.0, =0.1.0, =0.6.0, =0.1.0, =1.0.0, =1.0.0, =1.0.0, =0.6.0, =2.14.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0106...