Skip to content

anon-vec lacks sufficient checks in public API

Low severity GitHub Reviewed Published Jun 5, 2025 to the GitHub Advisory Database • Updated Jun 5, 2025

Package

cargo anon-vec (Rust)

Affected versions

<= 0.1.1

Patched versions

None

Description

The following functions in the anon-vec crate are unsound due to insufficient checks on their arguments::

  • AnonVec::get_ref()
  • AnonVec::get_mut()
  • AnonVec::remove_get()

The crate was built as a learning project and is not being maintained.

References

Published to the GitHub Advisory Database Jun 5, 2025
Reviewed Jun 5, 2025
Last updated Jun 5, 2025

Severity

Low

EPSS score

Weaknesses

CVE ID

No known CVE

GHSA ID

GHSA-pr59-jjr4-gcf6

Source code

https://github.com/RylanYancey/anon-vec
Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.