{"id":"RUSTSEC-2025-0038","summary":"Out of bounds access in public safe API","details":"`Rows::row_unchecked()` allows out of bounds access to the underlying\nbuffer without sufficient checks.\n\nThe arrow2 crate is no longer maintained, so there are no plans to fix this issue. Users are advised to migrate to the arrow crate, instead.","aliases":["GHSA-wv8j-m3hx-924j"],"modified":"2025-10-28T06:29:26.534058Z","published":"2025-04-24T12:00:00Z","database_specific":{"license":"CC0-1.0"},"references":[{"type":"PACKAGE","url":"https://crates.io/crates/arrow2"},{"type":"ADVISORY","url":"https://rustsec.org/advisories/RUSTSEC-2025-0038.html"}],"affected":[{"package":{"name":"arrow2","ecosystem":"crates.io","purl":"pkg:cargo/arrow2"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0.0.0-0"}]}],"ecosystem_specific":{"affects":{"os":[],"functions":[],"arch":[]},"affected_functions":null},"database_specific":{"cvss":null,"informational":null,"categories":["memory-exposure"],"source":"https://github.com/rustsec/advisory-db/blob/osv/crates/RUSTSEC-2025-0038.json"}}],"schema_version":"1.7.3"}