HistoryEditJSON (OSV)

RUSTSEC-2025-0031

Unsound public API in unmaintained crate

Reported
Issued
Package
tanton_engine (crates.io)
Type
Vulnerability
Categories
Patched
no patched versions
Affected Functions
Version
tanton_engine::RootMoveList::insert_score
  • ^1.0.0
tanton_engine::RootMoveList::insert_score_depth
  • ^1.0.0
tanton_engine::Stack::offset
  • ^1.0.0
tanton_engine::ThreadStack::get
  • ^1.0.0

Description

The following functions in the tanton_engine crate are unsound due to lack of sufficient boundary checks in public API:

The tanton_engine crate is no longer maintained, so there are no plans to fix this issue.

Advisory available under CC0-1.0 license.