OMGeeky/advisory-db
1
0
Fork 0
mirror of https://github.com/OMGeeky/advisory-db.git synced 2025-12-29 15:56:07 +01:00
Code Issues Packages Projects Releases Wiki Activity

Improve advisory for flatbuffers.

Browse Source
This commit is contained in:
Eduardo Sánchez Muñoz
2020-04-11 16:05:57 +02:00
parent cbeef93cf0
commit 4399b9e310
1 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
crates/flatbuffers/RUSTSEC-0000-0000.toml
View File

@@ -2,11 +2,11 @@
id = "RUSTSEC-0000-0000"
package = "flatbuffers"
date = "2020-04-11"
title = "`read_scalar` and `read_scalar_at` are unsound`"
title = "`read_scalar` and `read_scalar_at` allow transmuting values without `unsafe` blocks"
url = "https://github.com/google/flatbuffers/issues/5825"
description = """
The `read_scalar` and `read_scalar_at` functions are unsound
because the allow transmuting values without `unsafe` blocks.
because they allow transmuting values without `unsafe` blocks.
The following example shows how to create a dangling reference:
@@ -24,8 +24,9 @@ fn main() {
"""
[affected.functions]
"flatbuffers::read_scalar" = []
"flatbuffers::read_scalar_at" = []
"flatbuffers::read_scalar" = [">= 0.4.0"]
"flatbuffers::read_scalar_at" = [">= 0.4.0"]
[versions]
patched = []
unaffected = ["< 0.4.0"]