{"id":"GHSA-58xc-hpvq-8473","summary":"Redox UEFI Safe API can cause heap-buffer-overflow","details":"ffi::nstr() should be marked unsafe, since a pointer to a buffer without a trailing 0 value will cause a heap buffer overflow.","aliases":["RUSTSEC-2025-0032"],"modified":"2025-10-28T06:29:23.114976Z","published":"2025-05-06T20:00:17Z","database_specific":{"github_reviewed_at":"2025-05-06T20:00:17Z","github_reviewed":true,"cwe_ids":["CWE-122"],"severity":"LOW","nvd_published_at":null},"references":[{"type":"PACKAGE","url":"https://gitlab.redox-os.org/redox-os/uefi"},{"type":"WEB","url":"https://gitlab.redox-os.org/redox-os/uefi/-/commit/b711d47e815665b0ec8949e39292ad8e3fdd0756"},{"type":"WEB","url":"https://rustsec.org/advisories/RUSTSEC-2025-0032.html"}],"affected":[{"package":{"name":"redox_uefi_std","ecosystem":"crates.io","purl":"pkg:cargo/redox_uefi_std"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.1.8"},{"fixed":"0.1.14"}]}],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/05/GHSA-58xc-hpvq-8473/GHSA-58xc-hpvq-8473.json"}}],"schema_version":"1.7.3"}