Bump actions/checkout from 4 to 5 #4021
GitHub Actions / Security audit
failed
Aug 12, 2025 in 0s
Security advisories found
1 advisories, 1 other
Details
Vulnerabilities
RUSTSEC-2025-0047
Out-of-bounds access in
get_disjoint_mutdue to incorrect bounds check
| Details | |
|---|---|
| Package | slab |
| Version | 0.4.10 |
| URL | GHSA-qx2v-8332-m4fv |
| Date | 2025-08-12 |
| Patched versions | >=0.4.11 |
| Unaffected versions | <0.4.10 |
Impact
The get_disjoint_mut method in slab v0.4.10 incorrectly checked if indices were within the slab's capacity instead of its length, allowing access to uninitialized memory. This could lead to undefined behavior or potential crashes.
Patches
This has been fixed in slab v0.4.11.
Workarounds
Avoid using get_disjoint_mut with indices that might be beyond the slab's actual length, or upgrade to v0.4.11 or later.
References
Warnings
Crate rustls is yanked
No extra details provided.
Loading