CVE-2019-25055: Panic mishandled in libpulse-binding
(updated )
An issue was discovered in the libpulse-binding crate before 2.6.0 for Rust. It mishandles a panic that crosses a Foreign Function Interface (FFI) boundary.
References
- github.com/advisories/GHSA-xvcg-2q82-r87j
- github.com/jnqnfe/pulse-binding-rust
- github.com/jnqnfe/pulse-binding-rust/commit/7fd282aef7787577c385aed88cb25d004b85f494
- nvd.nist.gov/vuln/detail/CVE-2019-25055
- raw.githubusercontent.com/rustsec/advisory-db/main/crates/libpulse-binding/RUSTSEC-2019-0038.md
- rustsec.org/advisories/RUSTSEC-2019-0038.html
Detect and mitigate CVE-2019-25055 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →