Abrarnitk

Name of the Vulnerable Software and Affected Versions: algorithmica crate through 2021-03-07 Description: The issue is related to a double free in the `merge sort::merge()` function. In the affected versions of the algorithmica crate, `merge sort::merge()` duplicates and drops ownership of `T` without guarding against double-free, which can cause double free bugs when invoked on `Vec<T: Drop>`. Recommendations: For algorithmica crate through 2021-03-07, consider disabling the `merge sort::merge()` function until a patch is available to prevent double free bugs. Restrict the use of `merge sort::merge()` on `Vec<T: Drop>` to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.