CVE-2025-47737: trailer mishandles allocating with a size of zero

May 9, 2025

lib.rs in the trailer crate through 0.1.2 for Rust mishandles allocating with a size of zero.

References

crates.io/crates/trailer
github.com/Geal/trailer
github.com/Geal/trailer/issues/2
github.com/advisories/GHSA-6x45-r4pr-5362
nvd.nist.gov/vuln/detail/CVE-2025-47737

Code Behaviors & Features

Detect and mitigate CVE-2025-47737 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →