An issue was discovered in the libpulse-binding crate before 2.6.0 for Rust. It mishandles a panic that crosses a Foreign Function Interface (FFI) boundary.

Affected Packages

crates.io libpulse-binding

Affected versions: 0 (fixed in 2.6.0)

Related CVEs

CVE-2019-25055

Key Information

GHSA ID

GHSA-xvcg-2q82-r87j

Published

January 6, 2022 10:18 PM

Last Modified

January 7, 2022 4:25 PM

CVSS Score

7.5 /10

Primary Ecosystem

crates.io

Primary Package

libpulse-binding

GitHub Reviewed

✓ Yes

Dataset

Last updated: July 1, 2025 6:26 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.