RUSTSEC-2026-0130

Out-of-bounds read/write in Index and IndexMut implementations

Reported

May 2, 2026

Issued

May 13, 2026

Package

caja (crates.io)

Type

INFO Unsound

Categories

memory-corruption

Keywords

#out-of-bounds

References

https://github.com/EmanuelGCC/Caja/issues/1

Patched

>=0.3.0

Description

The Index and IndexMut implementations for Caja use unchecked pointer arithmetic without bounds validation. Creating a Caja with a small key and then accessing an out-of-range index causes out-of-bounds reads or writes beyond the allocated memory.

This can be triggered through safe public APIs — the [] indexing operator on a Caja with an out-of-range index — with no unsafe required from the caller.

Advisory available under CC0-1.0 license.