GHSA-wcxc-jf6c-8rx9: Uncaught Exception in libpulse-binding

August 25, 2021

Affected versions of this crate failed to catch panics crossing FFI boundaries via callbacks, which is a form of UB. This flaw was corrected by [this commit][1] which was included in version 2.6.0.

References

github.com/advisories/GHSA-wcxc-jf6c-8rx9
github.com/jnqnfe/pulse-binding-rust
github.com/jnqnfe/pulse-binding-rust/commit/7fd282aef7787577c385aed88cb25d004b85f494
rustsec.org/advisories/RUSTSEC-2019-0038.html

Code Behaviors & Features

Detect and mitigate GHSA-wcxc-jf6c-8rx9 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →