This issue and vector is similar to [RUSTSEC-2020-0029] of rgb
crate which mozjpeg
depends on.
Affected versions of mozjpeg
crate allow creating instances of any type T
from bytes,
and do not correctly constrain T
to the types for which it is safe to do so.
Examples of safety violation possible for a type T
:
T
contains a reference type, and it constructs a pointer to an invalid, arbitrary memory address.T
requires a safety and/or validity invariant for its construction that may be violated.The issue was fixed in 0.8.19 by using safer types and involving rgb
dependency bump.
{ "license": "CC0-1.0" }