DROP #164
GitHub Actions / Security audit
succeeded
Oct 18, 2024 in 0s
Security advisories found
1 unsound, 1 other
Details
Warnings
RUSTSEC-2023-0086
Multiple soundness issues
Details | |
---|---|
Status | unsound |
Package | lexical-core |
Version | 0.8.5 |
Date | 2023-09-03 |
RUSTSEC-2024-0377
contains multiple soundness issues:
- Bytes::read() allows creating instances of types with invalid bit patterns
- BytesIter::read() advances iterators out of bounds
- The
BytesIter
trait has safety invariants but is public and not markedunsafe
write_float()
callsMaybeUninit::assume_init()
on uninitialized data, which is is not allowed by the Rust abstract machineradix()
callsMaybeUninit::assume_init()
on uninitialized data, which is is not allowed by the Rust abstract machine
Version 1.0 fixes these issues, removes the vast majority of unsafe
code, and also fixes some correctness issues.
Crate futures-util
is yanked
No extra details provided.
Loading