GHSA-m325-rxjv-pwph: Deserialization functions pass uninitialized memory to user-provided Read
(updated )
Affected versions of this crate passed an uninitialized buffer to a
user-provided Read
instance in:
deserialize_binary
deserialize_string
deserialize_extension_others
deserialize_string_primitive
This can result in safe Read
implementations reading from the uninitialized
buffer leading to undefined behavior.
References
Detect and mitigate GHSA-m325-rxjv-pwph with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →