RUSTSEC-2024-0377
contains multiple soundness issues:
BytesIter
trait has safety invariants but is public and not marked unsafe
write_float()
calls MaybeUninit::assume_init()
on uninitialized data, which is is not allowed by the Rust abstract machineradix()
calls MaybeUninit::assume_init()
on uninitialized data, which is is not allowed by the Rust abstract machineVersion 1.0 fixes these issues, removes the vast majority of unsafe
code, and also fixes some correctness issues.
{ "nvd_published_at": null, "cwe_ids": [], "severity": "LOW", "github_reviewed": true, "github_reviewed_at": "2024-09-16T17:19:01Z" }