RUSTSEC-2026-0183

ADVISORY - rustsec

Summary

When calling Remote::list() for a remote of a git repository, when that remote does not advertise any references, git2 passes a null pointer to the unsafe function slice::from_raw_parts(). Based on the safety section documentation of function, data must be non-null even for slices of length zero. Thus, the use of a null pointer leads to undefined behavior.

Common Weakness Enumeration (CWE)

Impacted images

Advisories

Sign in to Docker Scout

See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.