RUSTSEC-2026-0129

Source
https://rustsec.org/advisories/RUSTSEC-2026-0129
Import Source
https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2026-0129.json
JSON Data
https://api.osv.dev/v1/vulns/RUSTSEC-2026-0129
Published
2026-05-02T12:00:00Z
Modified
2026-05-13T12:45:06.234098Z
Summary
Buffer overflow in `Clusterings::from_i32_column_major_order()`
Details

The `from_i32_column_major_order` method can create inconsistent internal state. When the `labels` length and `n_items` mismatch, `n_clusterings` becomes `labels.len() / n_items` (truncated), but subsequent calls to `label()` use indices that exceed the internal data bounds, causing a buffer overflow.

For example, `Clusterings::from_i32_column_major_order(&[1,2,3,4,5], 3)` creates clusterings with `n_clusterings = 5/3 = 1`. Then `clusterings.label(1, 0)` accesses index `1*3 = 3`, but only 3 elements exist (indices 0, 1, 2), causing out-of-bounds access.

This can be triggered through safe public APIs (`from_i32_column_major_order()` and `label()`), with no `unsafe` required from the caller.
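A shape check in the constructor plus a checked accessor closes this class of bug; the following is an added example, not dahl-salso's code and not the fix shipped in 0.6.8. The struct fields, `ShapeError`, the `Result`/`Option` return types and the `clustering * n_items + item` layout are assumptions modelled on the arithmetic in the advisory.

```rust
// Added illustration: a stand-in type, not dahl-salso's implementation.
#[derive(Debug, PartialEq)]
pub enum ShapeError {
    ZeroItems,
    LengthMismatch { len: usize, n_items: usize },
}

pub struct Clusterings {
    n_clusterings: usize,
    n_items: usize,
    labels: Vec<i32>, // assumed layout: clustering * n_items + item
}

impl Clusterings {
    /// Refuses input whose length is not an exact multiple of `n_items`
    /// rather than truncating `labels.len() / n_items`.
    pub fn from_i32_column_major_order(labels: &[i32], n_items: usize) -> Result<Self, ShapeError> {
        if n_items == 0 {
            return Err(ShapeError::ZeroItems);
        }
        if labels.len() % n_items != 0 {
            return Err(ShapeError::LengthMismatch { len: labels.len(), n_items });
        }
        Ok(Self { n_clusterings: labels.len() / n_items, n_items, labels: labels.to_vec() })
    }

    /// Checks both indices against the stored shape before computing the offset.
    pub fn label(&self, clustering: usize, item: usize) -> Option<i32> {
        if clustering >= self.n_clusterings || item >= self.n_items {
            return None;
        }
        // In range by the checks above; `get` keeps the access bounds-checked.
        self.labels.get(clustering * self.n_items + item).copied()
    }
}

fn main() {
    // Constructed inputs: the advisory's 5-label case, then a well-formed 2 x 3 case.
    println!("{:?}", Clusterings::from_i32_column_major_order(&[1, 2, 3, 4, 5], 3).err());
    let c = Clusterings::from_i32_column_major_order(&[1, 2, 3, 4, 5, 6], 3).unwrap();
    println!("{:?} {:?}", c.label(1, 0), c.label(2, 0));
}
```
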

Database specific
{
    "license": "CC0-1.0"
}
References

Affected packages

crates.io / dahl-salso

Package

Affected ranges

Type
SEMVER
Events
Introduced
0.0.0-0
Fixed
0.6.8

Ecosystem specific

{
    "affected_functions": null,
    "affects": {
        "arch": [],
        "functions": [],
        "os": []
    }
}

Database specific

categories
[
    "memory-corruption"
]
source
"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2026-0129.json"
informational
"unsound"
cvss
null