From 2be585eca307c0d82837cb517aedc50ab0ccdf75 Mon Sep 17 00:00:00 2001
From: Shihao Xia
Date: Wed, 7 May 2025 04:17:05 -0400
Subject: [PATCH] scanner-rs OOB read (#2262)
---
crates/scanner/RUSTSEC-0000-0000.md | 22 ++++++++++++++++++++++
1 file changed, 22 insertions(+)
create mode 100644 crates/scanner/RUSTSEC-0000-0000.md
diff --git a/crates/scanner/RUSTSEC-0000-0000.md b/crates/scanner/RUSTSEC-0000-0000.md
new file mode 100644
index 00000000..e55fb909
--- /dev/null
+++ b/crates/scanner/RUSTSEC-0000-0000.md
@@ -0,0 +1,22 @@
+```toml
+[advisory]
+id = "RUSTSEC-0000-0000"
+package = "scanner"
+date = "2025-03-27"
+informational = "unsound"
+categories = ["memory-corruption"]
+keywords = ["out-of-bounds read"]
+url = "https://github.com/pombredanne/scanner-rs/pull/1"
+
+[affected.functions]
+"scanner::Match::get" = ["<= 0.1.0"]
+"scanner::Match::ptr" = ["<= 0.1.0"]
+
+[versions]
+patched = []
+unaffected = []
+```
+
+# Public API without sufficient bounds checking
+
+`Match::get()` and `Match::ptr()` lack sufficient bounds checks, leading to potential out of bounds reads.
\ No newline at end of file