{"id":"RUSTSEC-2020-0165","summary":"mozjpeg DecompressScanlines::read_scanlines is Unsound","details":"This issue and vector is similar to [RUSTSEC-2020-0029] of `rgb` crate which `mozjpeg` depends on.\n\nAffected versions of `mozjpeg` crate allow creating instances of any type `T` from bytes,\nand do not correctly constrain `T` to the types for which it is safe to do so.\n\nExamples of safety violation possible for a type `T`:\n\n* `T` contains a reference type, and it constructs a pointer to an invalid, arbitrary memory address.\n* `T` requires a safety and/or validity invariant for its construction that may be violated.\n\nThe issue was fixed in 0.8.19 by using safer types and involving `rgb` dependency bump.\n\n[RUSTSEC-2020-0029]: https://rustsec.org/advisories/RUSTSEC-2020-0029.html","aliases":["GHSA-v8gq-5grq-9728"],"modified":"2023-11-08T04:23:09.541378Z","published":"2020-07-04T12:00:00Z","database_specific":{"license":"CC0-1.0"},"references":[{"type":"PACKAGE","url":"https://crates.io/crates/mozjpeg"},{"type":"ADVISORY","url":"https://rustsec.org/advisories/RUSTSEC-2020-0165.html"},{"type":"REPORT","url":"https://github.com/ImageOptim/mozjpeg-rust/issues/10"},{"type":"REPORT","url":"https://github.com/kornelski/rust-rgb/issues/35"},{"type":"ADVISORY","url":"https://rustsec.org/advisories/RUSTSEC-2020-0029.html"}],"affected":[{"package":{"name":"mozjpeg","ecosystem":"crates.io","purl":"pkg:cargo/mozjpeg"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0-0"},{"fixed":"0.8.19"}]}],"ecosystem_specific":{"affects":{"arch":[],"os":[],"functions":["mozjpeg::DecompressScanlines::read_scanlines"]},"affected_functions":null},"database_specific":{"source":"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2020-0165.json","informational":"unsound","cvss":null,"categories":["memory-corruption"]}}],"schema_version":"1.7.3"}