RUSTSEC-2018-0019: Multiple memory safety issues
Opened this issue · 0 comments
github-actions commented
Multiple memory safety issues
| Details | |
|---|---|
| Package | actix-web |
| Version | 4.0.0-beta.6 |
| URL | actix/actix-web#289 |
| Date | 2018-06-08 |
| Patched versions | >=0.7.15 |
Affected versions contain multiple memory safety issues, such as:
- Unsoundly coercing immutable references to mutable references
- Unsoundly extending lifetimes of strings
- Adding the
Sendmarker trait to objects that cannot be safely sent between threads
This may result in a variety of memory corruption scenarios, most likely use-after-free.
A signficant refactoring effort has been conducted to resolve these issues.
See advisory page for additional details.