N/A

CVSS Score

Basic Information

CVE ID

GHSA ID

GHSA-c2hm-mjxv-89r4

EPSS Score

CWE

Published

9/4/2023

Updated

9/16/2024

KEV Status

Technology

Rust

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

GHSA-c2hm-mjxv-89r4

GHSA-c2hm-mjxv-89r4: Multiple soundness issues in lexical

lexical contains multiple soundness issues:

Bytes::read() allows creating instances of types with invalid bit patterns
BytesIter::read() advances iterators out of bounds
The BytesIter trait has safety invariants but is public and not marked unsafe
write_float() calls MaybeUninit::assume_init() on uninitialized data, which is is not allowed by the Rust abstract machine
radix() calls MaybeUninit::assume_init() on uninitialized data, which is is not allowed by the Rust abstract machine

The crate also has some correctness issues.

Alternatives

For quickly parsing floating-point numbers third-party crates are no longer needed. A fast float parsing algorithm by the author of lexical has been merged into libcore.

For quickly parsing integers, consider atoi and btoi crates (100% safe code). atoi_radix10 provides even faster parsing, but only with -C target-cpu=native, and at the cost of some unsafe.

For formatting integers in a #[no_std] context consider the numtoa crate.

For working with big numbers consider num-bigint and num-traits.

(GitHub Advisory)

N/A

CVSS Score

Basic Information

CVE ID

GHSA ID

GHSA-c2hm-mjxv-89r4

EPSS Score

CWE

Published

9/4/2023

Updated

9/16/2024

KEV Status

Technology

Rust

Technical Details

CVSS Vector

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
lexical	rust	<= 6.1.1	7.0.0

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The identified functions are directly referenced in the vulnerability reports with specific soundness violations. Each corresponds to documented issues: Bytes::read() for invalid bit patterns, BytesIter::read() for iterator safety, write_float() and radix() for improper MaybeUninit usage. The public BytesIter trait's lack of unsafe marking is a design flaw but doesn't represent a specific function implementation vulnerability. All listed functions have clear technical explanations in the advisory links and demonstrate direct violations of Rust's safety guarantees.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

`l*xi**l` *ont*ins multipl* soun*n*ss issu*s: *. [*yt*s::r***() *llows *r**tin* inst*n**s o* typ*s wit* inv*li* *it p*tt*rns](*ttps://*it*u*.*om/*l*x*usz***/rust-l*xi**l/issu*s/***) *. [*yt*sIt*r::r***() **v*n**s it*r*tors out o* *oun*s](*ttps://*

Reasoning

T** i**nti*i** *un*tions *r* *ir**tly r***r*n*** in t** vuln*r**ility r*ports wit* sp**i*i* soun*n*ss viol*tions. **** *orr*spon*s to *o*um*nt** issu*s: `*yt*s::r***()` *or inv*li* *it p*tt*rns, `*yt*sIt*r::r***()` *or it*r*tor s***ty, `writ*_*lo*t()

N/A

Basic Information

Concerned about an active attack path?

GHSA-c2hm-mjxv-89r4: Multiple soundness issues in lexical

Alternatives

N/A

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI