VulnerableCode Package Details - pkg:cargo/libafl@0.11.2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:cargo/libafl@0.11.2

Essentials
History (1)

purl	pkg:cargo/libafl@0.11.2

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-n66p-n411-cfct	libafl has unsound usages of `core::slice::from_raw_parts_mut` The library breaks the safety assumptions when using unsafe API `slice::from_raw_parts_mut`. The pointer passed to `from_raw_parts_mut` is misaligned by casting `u8` to `u16` raw pointer directly, which is unsound. The bug is patched by using `align_offset`, which could make sure the memory address is aligned to 2 bytes for `u16`. This was patched in 0.11.2 in the [commit](https://github.com/AFLplusplus/LibAFL/pull/1530/commits/5a60cb31ef587d71d09d534bba39bd3973c4b35d).	GHSA-f7qj-v3vp-4856

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-15T01:54:27.263540+00:00	GHSA Importer	Fixing	VCID-n66p-n411-cfct	https://github.com/advisories/GHSA-f7qj-v3vp-4856	38.6.0