Fltk · Fltk · CVE-2021-28306
Name of the Vulnerable Software and Affected Versions:
fltk crate versions prior to 0.15.3
Description:
The fltk crate for Rust (versions prior to 0.15.3) contains multiple memory safety problems: a NULL pointer dereference when a multi-label type is used with a nonexistent image, a second NULL pointer dereference when a window icon is set from a non-raster image, and an out-of-bounds read caused by the pixmap constructor not validating its input properly.
Recommendations:
For versions prior to 0.15.3, update to version 0.15.3 or later to resolve the issue. As a temporary workaround until the update is applied, avoid using multi-label types with nonexistent images and avoid setting window icons from non-raster images. Restrict what reaches the pixmap constructor, so that untrusted or unchecked pixmap data is never passed to it, to minimize the risk of out-of-bounds reads.
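As an added example (not code from the fltk crate), the following Rust validator shows the kind of input check whose absence leads to an out-of-bounds read in a pixmap constructor. It assumes XPM-style text pixmap data with a header of the form "W H NCOLORS CPP"; the type and function names are this example's own, and it checks that every colour line and pixel row is as long as the header claims before anything is looked up by (row, col).

```rust
use std::collections::HashSet;
/// Problems the validator can report (names are this example's own).
#[derive(Debug, PartialEq)]
pub enum PixmapError {
    Empty,
    BadHeader,
    TooFewColors { expected: usize, got: usize },
    TooFewRows { expected: usize, got: usize },
    BadRowLength { row: usize, expected: usize, got: usize },
    UnknownPixel { row: usize, col: usize },
}
/// Dimensions checked against the data, so a later (row, col) lookup cannot run past any line.
#[derive(Debug, PartialEq)]
pub struct PixmapInfo { pub width: usize, pub height: usize, pub ncolors: usize, pub cpp: usize }
/// Validate XPM-style data: header "W H NCOLORS CPP", then NCOLORS colour lines whose
/// first CPP chars are the pixel key, then H rows of exactly W*CPP chars.
pub fn validate_xpm(data: &[&str]) -> Result<PixmapInfo, PixmapError> {
    let header = data.first().ok_or(PixmapError::Empty)?;
    let nums: Vec<usize> = header.split_whitespace()
        .map(|t| t.parse::<usize>().map_err(|_| PixmapError::BadHeader)).collect::<Result<_, _>>()?;
    if nums.len() < 4 { return Err(PixmapError::BadHeader); }
    let (width, height, ncolors, cpp) = (nums[0], nums[1], nums[2], nums[3]);
    // Reject zero sizes and headers whose derived sizes would overflow usize.
    if width == 0 || height == 0 || ncolors == 0 || cpp == 0 { return Err(PixmapError::BadHeader); }
    let row_len = width.checked_mul(cpp).ok_or(PixmapError::BadHeader)?;
    let rows_start = ncolors.checked_add(1).ok_or(PixmapError::BadHeader)?;
    if data.len() < rows_start {
        return Err(PixmapError::TooFewColors { expected: ncolors, got: data.len() - 1 });
    }
    // A colour line shorter than CPP yields a short key that no pixel cell can match.
    let keys: HashSet<String> = data[1..rows_start].iter().map(|l| l.chars().take(cpp).collect::<String>()).collect();
    let rows = &data[rows_start..];
    if rows.len() < height { return Err(PixmapError::TooFewRows { expected: height, got: rows.len() }); }
    for (r, row) in rows.iter().take(height).enumerate() {
        let chars: Vec<char> = row.chars().collect();
        if chars.len() != row_len {
            return Err(PixmapError::BadRowLength { row: r, expected: row_len, got: chars.len() });
        }
        // Each CPP-character cell must name a declared colour.
        for (c, px) in chars.chunks(cpp).enumerate() {
            let key: String = px.iter().collect();
            if !keys.contains(&key) { return Err(PixmapError::UnknownPixel { row: r, col: c }); }
        }
    }
    Ok(PixmapInfo { width, height, ncolors, cpp })
}
```

A caller would run this before handing the data to any pixmap constructor and refuse the image on any `Err`, rather than trusting the header's dimensions.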