GHSA-mrrw-grhq-86gf: Ascii (crate) allows out-of-bounds array indexing in safe code

February 28, 2023

Affected version of this crate had implementation of From<&mut AsciiStr> for &mut [u8] and &mut str. This can result in out-of-bounds array indexing in safe code.

References

github.com/advisories/GHSA-mrrw-grhq-86gf
github.com/tomprogrammer/rust-ascii
github.com/tomprogrammer/rust-ascii/issues/64
github.com/tomprogrammer/rust-ascii/pull/63/commits/8a6c7798c202766bd57d70fb8d12739dd68fb9dc
rustsec.org/advisories/RUSTSEC-2023-0015.html

Code Behaviors & Features

Detect and mitigate GHSA-mrrw-grhq-86gf with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →