HistoryEdit

RUSTSEC-2021-0118

FixedSizeBinaryArray does not perform bound checks on accessing values and offsets

Reported
Issued
Package
arrow (crates.io)
Type
Vulnerability
Categories
Keywords
#buffer-overflow
Details
https://github.com/apache/arrow-rs/issues/774
Patched
  • >=6.4.0

Description

FixedSizeBinaryArray performs insufficient bounds checks, which allows out-of-bounds reads in safe code.