RUSTSEC-2026-0184

ADVISORY - rustsec

Summary

When a Blame is created via Blame::blame_buffer(), and a BlameHunk is retrieved, the pointers to the original author, original committer, final author, and final committer may be null if unavailable. The corresponding BlameHunk methods then create Signatures based on null pointers; attempting to access the data of the Signatures leads to dereferencing null pointers.

Common Weakness Enumeration (CWE)

Impacted images

Advisories

RustSec

CREATED

1 month ago

UPDATED

9 hours ago

ADVISORY IDRUSTSEC-2026-0184⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM ADVISORY

Package	Type	OS Name	OS Version	Affected Ranges	Fix Versions
git2	cargo	-	-	<0.21.0	0.21.0

Severity and metrics

No CVSS data available from this advisory.