An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because xcb::xproto::GetAtomNameReply::name() calls std::str::fromutf8unchecked() on unvalidated bytes from an X server.
{ "nvd_published_at": null, "cwe_ids": [ "CWE-252" ], "severity": "CRITICAL", "github_reviewed": true, "github_reviewed_at": "2021-08-19T17:44:05Z" }