Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-q445-7m23-qrmw: openssl's `MemBio::get_buf` has undefined behavior with empty buffers

Previously, MemBio::get_buf called slice::from_raw_parts with a null-pointer, which violates the functions invariants, leading to undefined behavior. In debug builds this would produce an assertion failure. This is now fixed.

ghsa
#git#ssl

openssl’s `MemBio::get_buf` has undefined behavior with empty buffers

Moderate severity GitHub Reviewed Published Jul 22, 2024 to the GitHub Advisory Database • Updated Jul 22, 2024

ghsa: Latest News

GHSA-hxf5-99xg-86hw: cap-std doesn't fully sandbox all the Windows device filenames