{"id":"RUSTSEC-2023-0015","summary":"Ascii allows out-of-bounds array indexing in safe code","details":"Affected version of this crate had implementation of `From\u003c&mut AsciiStr\u003e` for `&mut [u8]` and `&mut str`. This can result in out-of-bounds array indexing in safe code.\n\nThe flaw was corrected in commit [8a6c779](https://github.com/tomprogrammer/rust-ascii/pull/63/commits/8a6c7798c202766bd57d70fb8d12739dd68fb9dc) by removing those impls.","aliases":["GHSA-mrrw-grhq-86gf"],"modified":"2023-11-08T04:21:16.691544Z","published":"2023-02-25T12:00:00Z","database_specific":{"license":"CC0-1.0"},"references":[{"type":"PACKAGE","url":"https://crates.io/crates/ascii"},{"type":"ADVISORY","url":"https://rustsec.org/advisories/RUSTSEC-2023-0015.html"},{"type":"REPORT","url":"https://github.com/tomprogrammer/rust-ascii/issues/64"}],"affected":[{"package":{"name":"ascii","ecosystem":"crates.io","purl":"pkg:cargo/ascii"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.6.1-0"},{"fixed":"0.9.3"}]}],"ecosystem_specific":{"affected_functions":null,"affects":{"functions":[],"arch":[],"os":[]}},"database_specific":{"source":"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2023-0015.json","cvss":null,"informational":"unsound","categories":["memory-corruption"]}}],"schema_version":"1.7.3"}