/
DirectorySecurity Advisories
Sign In
Security Advisories

CGA-whgm-mm2w-ch6p

Published

Last updated

https://images.chainguard.dev/security/CGA-whgm-mm2w-ch6p
Package

nushell

RepositoryWolfi
Latest Update
Fixed
Fixed Version

0.103.0-r2

Aliases
  • GHSA-4fcv-w3qc-ppgg

Severity

Unknown

Summary

rust-openssl Use-After-Free in Md::fetch and Cipher::fetch

Description

When a Some(...) value was passed to the properties argument of either of these functions, a use-after-free would result.

In practice this would nearly always result in OpenSSL treating the properties as an empty string (due to CString::drop's behavior).

The maintainers thank quitbug for reporting this vulnerability to us.

References

Updates


Safe Source for Open Sourceâ„¢
Media KitContact Us
© 2025 Chainguard. All Rights Reserved.
Private PolicyTerms of Use

Products

Chainguard ContainersChainguard LibrariesChainguard VMs