The advisory explicitly names DecompressScanlines::read_scanlines as the vulnerable entry point. Prior to 0.8.19, the function used the same unsafe byte-conversion pattern reported as RUSTSEC-2020-0029 in the rgb crate: it transmuted arbitrary bytes into any Copy type chosen by the caller, with no constraint on that type. This violates Rust's validity rules, which require that a value holds only bit patterns valid for its type and that padding bytes are never read as data; the result is invalid references and type confusion. GitHub issue #10 calls out this function's unsoundness directly, and the fix constrained the set of acceptable types behind safer abstractions.
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| mozjpeg | rust | < 0.8.19 | 0.8.19 |
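The contrast the advisory describes, as an added illustration of the bug class rather than the mozjpeg crate's own code: an unconstrained `T: Copy` reader beside a reader restricted to a sealed plain-old-data marker trait. The names `read_scanlines_unsound`, `PodPixel` and `Rgb8` are assumed for the example.

```rust
use std::mem::size_of;

// Added illustration of the bug class described above, not the mozjpeg crate's
// own code. `read_scanlines_unsound`, `PodPixel` and `Rgb8` are assumed names.
/// Unsound pattern: `T: Copy` admits `bool`, `char`, enums and padded structs,
/// so a caller can turn arbitrary pixel bytes into values with invalid bit
/// patterns, or read padding bytes as data (undefined behaviour, type confusion).
pub fn read_scanlines_unsound<T: Copy>(raw: &[u8]) -> Vec<T> {
    raw.chunks_exact(size_of::<T>())
        // SAFETY: NOT established: nothing proves every bit pattern is a valid `T`.
        .map(|c| unsafe { std::ptr::read_unaligned(c.as_ptr() as *const T) })
        .collect()
}

mod sealed {
    pub trait Sealed {}
}

/// Plain-old-data pixel types: `#[repr(C)]`, no padding, every bit pattern
/// valid. Sealed, so downstream code cannot implement it for arbitrary types;
/// each impl below is an audited promise, which is why the trait is `unsafe`.
pub unsafe trait PodPixel: Copy + sealed::Sealed {}

#[derive(Clone, Copy, Debug, PartialEq, Eq)]
#[repr(C)]
pub struct Rgb8 { pub r: u8, pub g: u8, pub b: u8 }

impl sealed::Sealed for u8 {}
impl sealed::Sealed for Rgb8 {}
unsafe impl PodPixel for u8 {}
unsafe impl PodPixel for Rgb8 {}

/// Hardened version: only `PodPixel` types are accepted, so
/// `read_scanlines::<bool>(..)` is a compile error rather than UB, and a
/// buffer that is not a whole number of pixels is rejected instead of being
/// silently truncated.
pub fn read_scanlines<T: PodPixel>(raw: &[u8]) -> Option<Vec<T>> {
    if raw.len() % size_of::<T>() != 0 {
        return None;
    }
    let pixels: Vec<T> = raw
        .chunks_exact(size_of::<T>())
        // SAFETY: `PodPixel` guarantees no padding and validity for every bit
        // pattern; each chunk is exactly `size_of::<T>()` bytes; `read_unaligned`
        // removes any alignment requirement.
        .map(|c| unsafe { std::ptr::read_unaligned(c.as_ptr() as *const T) })
        .collect();
    Some(pixels)
}
```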