RUSTSEC-2020-0005 on 2020-03-19: CBox API allows to de-reference raw pointers without unsafe code

CBox and CSemiBox are part of the public API of the cbox crate and they allow to create smart pointers from raw pointers and de-reference them without the need of unsafe code.

CVE-2020-35860

GHSA-3vjm-36rr-7qrq

This crate has no reviews yet. To add a review, set up your cargo-crev.


Crates in the crates.io registry are tarball snapshots uploaded by crates' publishers. The registry is not using crates' git repositories. There is absolutely no guarantee that the repository URL declared by the crate belongs to the crate, or that the code in the repository is the code inside the published tarball.

To review the actual code of the crate, it's best to use cargo crev open cbox. Alternatively, you can download the tarball of cbox v0.3.0 or view the source online.