rustsec/advisory-db
1
0
Fork 0
mirror of https://github.com/rustsec/advisory-db.git synced 2025-12-27 01:54:07 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
65e32a757b329ba04ae785b98842ed6f24885f77
advisory-db/crates/mail-internals/RUSTSEC-2023-0054.md
Alexis Mousset 65e32a757b Sync advisories ids from GitHub (#1760)
2023-08-27 15:52:52 +00:00

1.1 KiB
Raw Blame History 

[advisory]
id = "RUSTSEC-2023-0054"
package = "mail-internals"
date = "2023-08-07"
url = "https://git.sr.ht/~nabijaczleweli/mail-internals.crate/commit/05443c864b204e7f1512caf2d53e8cce4dd340fc"
categories = ["memory-corruption"]
keywords = ["mail", "mail-api"]
aliases = ["GHSA-rcx8-48pc-v9q8"]

[affected]
functions = { "mail_internals::utils::vec_insert_bytes" = [">= 0.2.0"] }

[versions]
patched = []

Use-after-free in vec_insert_bytes

Incorrect reallocation logic in the function vec_insert_bytes causes a use-after-free.

This function does not have to be called directly to trigger the vulnerability because many methods on EncodingWriter call this function internally.

The mail-* suite is unmaintained and the upstream sources have been actively vandalised. A fixed mail-internals-ng (and mail-headers-ng and mail-core-ng) crate has been published which fixes this, and a dependency on another unsound crate.