GHSA-466c-pfvv-v83g: wrflib has a soundness issue and is unmaintained

October 3, 2025

All functions under wrflib::byte_extract are simply wrapper of unsafe pointer offset and lacks sufficient checks to it pointer and offset parameter.

wrflib is unmaintained.

References

github.com/advisories/GHSA-466c-pfvv-v83g
github.com/cruise-automation/webviz-rust-framework
rustsec.org/advisories/RUSTSEC-2025-0072.html

Code Behaviors & Features

Detect and mitigate GHSA-466c-pfvv-v83g with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →