GHSA-qg5g-gv98-5ffh: rustls network-reachable panic in `Acceptor::accept`

GHSA-rjjv-87mx-6x3h: @sveltejs/kit vulnerable to on dev mode 404 page

GHSA-mh2x-fcqh-fmqv: @sveltejs/kit has unescaped error message included on error page

GHSA-5xr6-xhww-33m4: Artifact poisoning vulnerability in action-download-artifact v5 and earlier

GHSA-7f6p-phw2-8253: Taurus multi-party-sig has OT-based ECDSA protocol implementation flaws

The [`os_socketaddr`](https://crates.io/crates/os_socketaddr) crate has assumed `std::net::SocketAddrV4` and `std::net::SocketAddrV6` have the same memory layout as the system C representation `sockaddr`. It has simply casted the pointers to convert the socket addresses to the system representation.

These layout were [changed into idiomatic rust types](https://github.com/rust-lang/rust/pull/78802) in nightly `std`. Starting from rustc 1.64 the affected versions of this crate will have undefined behaviour.



**\`os\_socketaddr\` invalidly assumes the memory layout of std::net::SocketAddr**

High severity GitHub Reviewed Published Sep 2, 2022

Headline

GHSA-c439-chv8-8g2j: `os_socketaddr` invalidly assumes the memory layout of std::net::SocketAddr

ghsa: Latest News