N/A

CVSS Score

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

GHSA-2wq5-g96f-mv3v

GHSA-2wq5-g96f-mv3v: Ouch! allows a segmentation fault due to use of uninitialized memory

When trying to decompress a file using "ouch", we can reach the function "ouch::archive::zip::convert_zip_date_time". In the function, there is a unsafe function, "transmute". Once the "transmute" function is called to convert the type of "month" object, the address of the object is changed to the uninitialized memory region. After that, when other function tries to dereference "month", segmentation fault occurs.

(GitHub Advisory)

Miggo Vulnerability Database

→

GHSA-2wq5-g96f-mv3v

GHSA-2wq5-g96f-mv3v:

N/A

CVSS Score

-

CVSS Score

Basic Information

Technical Details

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
ouch	rust	< 0.3.1	0.3.1

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability description explicitly identifies convert_zip_date_time as containing the unsafe transmute operation. The GitHub issue stack trace shows the crash originating from this function (zip.rs:219), and multiple advisory sources confirm this as the root cause. While other functions like days_in_year_month are mentioned in crash reports, they appear to be victims of the uninitialized memory rather than the source of vulnerability. The combination of direct references in advisories, stack trace evidence, and unsafe code usage makes this identification high confidence.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

N/A

-

Basic Information

Basic Information

Concerned about an active attack path?

GHSA-2wq5-g96f-mv3v: Ouch! allows a segmentation fault due to use of uninitialized memory

GHSA-2wq5-g96f-mv3v:

N/A

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Basic Information

Basic Information

Technical Details

GHSA-2wq5-g96f-mv3v: Ouch! allows a segmentation fault due to use of uninitialized memory

N/A

N/A

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI