GHSA-95hm-pr6q-298w: fast-able is vulnerable to DoS attack through insecure method

September 15, 2025

The public accessible struct SyncVec has a public safe method get_unchecked. It accept a parameter index and used in the get_unchecked without sufficient checks as mentioned here.

References

doc.rust-lang.org/std/primitive.slice.html
gitee.com/guoyucode/fast-able
github.com/advisories/GHSA-95hm-pr6q-298w
rustsec.org/advisories/RUSTSEC-2025-0063.html

Code Behaviors & Features

Detect and mitigate GHSA-95hm-pr6q-298w with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →