GHSA-mrrw-grhq-86gf

Suggest an improvement
Source
https://github.com/advisories/GHSA-mrrw-grhq-86gf
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/02/GHSA-mrrw-grhq-86gf/GHSA-mrrw-grhq-86gf.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-mrrw-grhq-86gf
Aliases
Published
2023-02-28T20:30:10Z
Modified
2023-11-08T04:21:16.691544Z
Summary
Ascii (crate) allows out-of-bounds array indexing in safe code
Details

Affected version of this crate had implementation of From<&mut AsciiStr> for &mut [u8] and &mut str. This can result in out-of-bounds array indexing in safe code.

The flaw was corrected in commit 8a6c779 by removing those impls.

Database specific
{
    "nvd_published_at": null,
    "cwe_ids": [],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2023-02-28T20:30:10Z"
}
References

Affected packages

crates.io / ascii

Package

Affected ranges

Type
SEMVER
Events
Introduced
0.6.0
Fixed
0.9.3