HistoryEditJSON (OSV)

RUSTSEC-2025-0028

cve-rs introduces memory vulnerabilities in safe Rust

Reported
Issued
Package
cve-rs (crates.io)
Type
INFO Unsound
Categories
Keywords
#soundness-hole
References
Patched
no patched versions

Description

cve-rs allows you to introduce common memory vulnerabilities (such as buffer overflows and segfaults) into your Rust program in a memory safe manner.

Internally, this crate does not use unsafe code, it instead exploits a soundness bug in rustc: https://github.com/rust-lang/rust/issues/25860

Advisory available under CC0-1.0 license.