{"id":"RUSTSEC-2023-0054","summary":"Use-after-free in `vec_insert_bytes`","details":"Incorrect reallocation logic in the function [`vec_insert_bytes`](https://docs.rs/mail-internals/0.2.3/mail_internals/utils/fn.vec_insert_bytes.html) causes a use-after-free.\n\nThis function does not have to be called directly to trigger the vulnerability because many methods on [`EncodingWriter`](https://docs.rs/mail-internals/0.2.3/mail_internals/encoder/struct.EncodingWriter.html) call this function internally.\n\nThe mail-\\* suite is unmaintained and the upstream sources have been actively vandalised.\nA fixed `mail-internals-ng` (and `mail-headers-ng` and `mail-core-ng`) crate has been published which fixes this, and a dependency on another unsound crate.","aliases":["GHSA-rcx8-48pc-v9q8"],"modified":"2023-11-08T04:22:42.487180Z","published":"2023-08-07T12:00:00Z","database_specific":{"license":"CC0-1.0"},"references":[{"type":"PACKAGE","url":"https://crates.io/crates/mail-internals"},{"type":"ADVISORY","url":"https://rustsec.org/advisories/RUSTSEC-2023-0054.html"},{"type":"WEB","url":"https://git.sr.ht/~nabijaczleweli/mail-internals.crate/commit/05443c864b204e7f1512caf2d53e8cce4dd340fc"}],"affected":[{"package":{"name":"mail-internals","ecosystem":"crates.io","purl":"pkg:cargo/mail-internals"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0-0"}]}],"ecosystem_specific":{"affects":{"os":[],"functions":["mail_internals::utils::vec_insert_bytes"],"arch":[]},"affected_functions":null},"database_specific":{"cvss":null,"source":"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2023-0054.json","informational":null,"categories":["memory-corruption"]}}],"schema_version":"1.7.3"}