RUSTSEC-2025-0031
Unsound public API in unmaintained crate
- Reported
- Issued
- Package
- tanton_engine (crates.io)
- Type
- Vulnerability
- Categories
- Patched
- no patched versions
- Affected Functions
- Version
tanton_engine::RootMoveList::insert_score-
^1.0.0
tanton_engine::RootMoveList::insert_score_depth-
^1.0.0
tanton_engine::Stack::offset-
^1.0.0
tanton_engine::ThreadStack::get-
^1.0.0
Description
The following functions in the tanton_engine crate are unsound due to lack of sufficient boundary
checks in public API:
Stack::offset()ThreadStack::get()RootMoveList::insert_score_depth()RootMoveList::insert_score()
The tanton_engine crate is no longer maintained, so there are no plans to fix this issue.
Advisory available under CC0-1.0 license.