RUSTSEC-2026-0116

Source
https://rustsec.org/advisories/RUSTSEC-2026-0116
Import Source
https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2026-0116.json
JSON Data
https://api.osv.dev/v1/vulns/RUSTSEC-2026-0116
Related
  • https://github.com/image-rs/imageproc/pull/777
Published
2026-05-01T12:00:00Z
Modified
2026-05-07T08:56:41Z
Summary
Improper check of an invariant resulting in incorrect bounds checks
Details

The bounds check on the slice that stores the coefficients of a 2-dimensional matrix (a kernel) compared the slice's total size against the product of the individual dimensions. The check erroneously performed the cast after the multiplication and consequently failed to detect possible violations when the multiplication overflowed.

Afterwards, the individual sizes were trusted to properly constrain coordinates within the matrix to indices valid for the underlying storage. With a crafted Kernel object, certain combinations of coordinates could then cause an out-of-bounds access in an unsafe function while fulfilling its documented preconditions. The kernel value could be passed to library functions that trusted the preconditions and then performed such reads.
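
The class of check described above, next to an overflow-safe form, as an added illustration that is not imageproc's code. The `u32` dimension type, the function names and the sample values are assumptions made for this example; `wrapping_mul` stands in for the silent wrap-around of `width * height` in a build without overflow checks.

```rust
// Added illustration, not imageproc's code. The u32 dimension type and all
// function names are assumptions made for this example.

/// Flawed form: multiply in the narrow type, cast afterwards.
/// `wrapping_mul` models `width * height` wrapping silently when overflow
/// checks are disabled.
fn flawed_check(len: usize, width: u32, height: u32) -> bool {
    width.wrapping_mul(height) as usize == len
}

/// Hardened form: widen each dimension first, then multiply with overflow
/// detection, and reject when the product does not fit.
fn checked_check(len: usize, width: u32, height: u32) -> bool {
    match (width as usize).checked_mul(height as usize) {
        Some(n) => n == len,
        None => false,
    }
}

/// Largest linear index `y * width + x` reachable from coordinates that are
/// in range for the stated dimensions (x < width, y < height). Computed in
/// u64 so the arithmetic itself cannot wrap.
fn max_linear_index(width: u32, height: u32) -> Option<u64> {
    if width == 0 || height == 0 {
        return None;
    }
    Some((height as u64 - 1) * width as u64 + (width as u64 - 1))
}

fn main() {
    // Constructed sample: 65536 * 65537 = 2^32 + 65536, which wraps to 65536.
    let (width, height) = (65_536u32, 65_537u32);
    let storage = vec![0u8; 65_536];

    println!("flawed check accepts:  {}", flawed_check(storage.len(), width, height));
    println!("checked check accepts: {}", checked_check(storage.len(), width, height));

    // The stated dimensions admit indices far beyond the storage length,
    // which is why trusting them after the flawed check is unsound.
    let max = max_linear_index(width, height).unwrap();
    println!("max index {} vs storage length {}", max, storage.len());

    // A well-formed 3x3 kernel passes both checks.
    assert!(flawed_check(9, 3, 3) && checked_check(9, 3, 3));
}
```
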

Database specific
{
    "license": "CC0-1.0"
}
Affected packages

crates.io / imageproc

Affected ranges

Type
SEMVER
Events
Introduced
0.0.0-0
Fixed
0.23.1
Introduced
0.24.0
Fixed
0.24.1
Introduced
0.25.0
Fixed
0.25.1
Introduced
0.26.0
Fixed
0.26.2

Ecosystem specific

{
    "affected_functions": null,
    "affects": {
        "arch": [],
        "os": [],
        "functions": []
    }
}

Database specific

informational
"unsound"
categories
[
    "memory-exposure"
]
cvss
null
source
"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2026-0116.json"