Skip to content

wrflib has a soundness issue and is unmaintained

Low severity GitHub Reviewed Published Oct 3, 2025 to the GitHub Advisory Database • Updated Oct 3, 2025

Package

cargo wrflib (Rust)

Affected versions

<= 0.0.3

Patched versions

None

Description

All functions under wrflib::byte_extract are simply wrapper of unsafe pointer offset and lacks sufficient checks to it pointer and offset parameter.

wrflib is unmaintained.

References

Published to the GitHub Advisory Database Oct 3, 2025
Reviewed Oct 3, 2025
Last updated Oct 3, 2025

Severity

Low

EPSS score

Weaknesses

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. Learn more on MITRE.

CVE ID

No known CVE

GHSA ID

GHSA-466c-pfvv-v83g

Source code

Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.