RUSTSEC-2026-0078
- Source
- https://rustsec.org/advisories/RUSTSEC-2026-0078
- Import Source
- https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2026-0078.json
- JSON Data
- https://api.osv.dev/v1/vulns/RUSTSEC-2026-0078
- Published
- 2026-03-30T12:00:00Z
- Modified
- 2026-03-30T21:45:13.764566Z
- Summary
- Symbol confusion after hasher panic in `intaglio` interners
- Details
-
Affected versions of this crate can leave all
SymbolTablevariants in an internally inconsistent state if a customBuildHasherpanics duringHashMap::insertand the caller recovers withcatch_unwind.The
internimplementations committed avec.push(...)before the matchingmap.insert(...)completed. If hashing panicked in that window, later lookups and inserts could observe divergingvecandmaplengths.In release builds, this can lead to symbol confusion where a newly interned string resolves to previously interned attacker-controlled contents. In debug builds, the same corruption is detected by follow-up assertions and results in panics.
The flaw was corrected in version 1.13.3 by making the
vecmutation transactional across unwind boundaries so partially inserted entries are rolled back before the panic propagates. - Database specific
{ "license": "CC0-1.0" }- References
Affected packages
crates.io / intaglio
Package
- Name
- intaglio
- View open source insights on deps.dev
- Purl
- pkg:cargo/intaglio