RUSTSEC-2026-0117

Source
https://rustsec.org/advisories/RUSTSEC-2026-0117
Import Source
https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2026-0117.json
JSON Data
https://api.osv.dev/v1/vulns/RUSTSEC-2026-0117
Aliases
Published
2026-05-01T12:00:00Z
Modified
2026-05-07T08:56:41Z
Summary
Fragile bounds check when sampling from image
Details

A bounds check was performed in floating point before a cast to the index passed to an unchecked access function. This check handled NaN cases improperly, so that they passed the check instead of failing it. The floating-point coordinate is under the caller's control through the projection matrix the caller passes.

Carefully controlling the coordinates of an image with no data and one non-zero dimension provides an arbitrary read primitive in the first 32 bits of the address space with the bilinear sampling method.

Using bicubic sampling can result in a read of a few bytes beyond an allocation.

Other out-of-bounds reads may be possible.
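
The NaN behaviour described above, as an added example that is not imageproc's code: the helper names and the nearest-pixel sampler are hypothetical, and the images are constructed input. It contrasts a reject-if-out-of-range check, which NaN passes, with an accept-only-if-in-range check backed by a checked slice access.

```rust
// Added illustration: hypothetical helpers, not imageproc's code.

/// Fragile form: reject what compares as out of range. Every ordered
/// comparison with NaN is false, so a NaN coordinate is never rejected.
fn fragile_in_bounds(x: f32, y: f32, width: u32, height: u32) -> bool {
    let out_of_range = x < 0.0 || y < 0.0 || x >= width as f32 || y >= height as f32;
    !out_of_range
}

/// Robust form: accept only what compares as in range. NaN fails every
/// comparison, so it is rejected along with the infinities.
fn robust_in_bounds(x: f32, y: f32, width: u32, height: u32) -> bool {
    x >= 0.0 && y >= 0.0 && x < width as f32 && y < height as f32
}

/// Row-major index the fragile check would hand to an accessor.
/// A float-to-integer `as` cast saturates and maps NaN to 0.
fn fragile_index(x: f32, y: f32, width: u32, height: u32) -> Option<usize> {
    if !fragile_in_bounds(x, y, width, height) {
        return None;
    }
    (y as usize).checked_mul(width as usize)?.checked_add(x as usize)
}

/// Nearest-pixel sample of an 8-bit grayscale buffer. The integer index is
/// validated again by `get`, so the float check is not the only guard.
fn sample_checked(data: &[u8], width: u32, height: u32, x: f32, y: f32) -> Option<u8> {
    if !robust_in_bounds(x, y, width, height) {
        return None;
    }
    let idx = (y as usize).checked_mul(width as usize)?.checked_add(x as usize)?;
    data.get(idx).copied()
}

fn main() {
    // Constructed input: a 4x0 image has a non-zero width but no pixel data.
    let (data, width, height): (Vec<u8>, u32, u32) = (Vec::new(), 4, 0);
    let idx = fragile_index(f32::NAN, f32::NAN, width, height);
    println!("fragile check yields index {:?} for a buffer of length {}", idx, data.len());
    let safe = sample_checked(&data, width, height, f32::NAN, f32::NAN);
    println!("robust sampler returns {:?}", safe);
    let img = [10u8, 20, 30, 40, 50, 60]; // constructed 3x2 image
    println!("in-range sample: {:?}", sample_checked(&img, 3, 2, 1.7, 1.2));
}
```

Upgrading to a fixed release listed under the affected ranges is the remedy; the same accept-only-if-in-range pattern applies to any code that validates a float before casting it to an index.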

Database specific
{
    "license": "CC0-1.0"
}
References

Affected packages

crates.io / imageproc

Package

Affected ranges

Type
SEMVER
Events
Introduced
0.0.0-0
Fixed
0.23.1
Introduced
0.24.0
Fixed
0.24.1
Introduced
0.25.0
Fixed
0.25.1
Introduced
0.26.0
Fixed
0.26.2

Ecosystem specific

{
    "affected_functions": null,
    "affects": {
        "arch": [],
        "os": [],
        "functions": [
            "imageproc::geometric_transformations::warp_into",
            "imageproc::geometric_transformations::warp_into_with"
        ]
    }
}

Database specific

informational
"unsound"
categories
[
    "memory-exposure"
]
cvss
null
source
"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2026-0117.json"