PT-2021-18546 · Crates.Io · Insert Many

Published: 2021-01-26 · Updated: 2021-08-25 · CVE-2021-29933

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: insert_many crate through 2021-01-26

Description: An issue in the insert_many crate for Rust may cause elements to be dropped twice if the next() method of an iterator panics. Affected versions of insert_many used ptr::copy to move items in a vector, which duplicates their ownership, and then iterated over a provided Iterator to insert new items. If the iterator's next() method panics, the vector drops the same elements twice.

Recommendations: For the insert_many crate through 2021-01-26, consider updating to a version that does not use ptr::copy to move items in a vector, to prevent elements from being dropped twice in case of a panic. As a temporary workaround, consider handling the panic in the next() method to prevent the double drop of elements.
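
The failure mode in the description, shown as an added Rust example (not the insert_many crate's code or its actual fix): one panic-safe way to keep the ptr::copy approach is to shrink the vector's length before the tail is duplicated, so a panic in next() leaks elements instead of dropping them twice. The names `insert_many_safe`, `Tracked` and `drops_after_panicking_insert` are hypothetical, the item count `n` is assumed to be supplied by the caller, and the panicking iterator is constructed test input.

```rust
use std::cell::Cell;
use std::panic::{catch_unwind, AssertUnwindSafe};
use std::ptr;

/// Hypothetical helper: insert exactly `n` items from `iter` at `index`.
fn insert_many_safe<T, I: Iterator<Item = T>>(v: &mut Vec<T>, index: usize, mut iter: I, n: usize) {
    let old_len = v.len();
    assert!(index <= old_len);
    v.reserve(n);
    unsafe {
        // Shrink len BEFORE ptr::copy creates bitwise duplicates of the tail.
        // If next() panics, Vec::drop sees only [0, index): the tail and any
        // items already written are leaked, but nothing is dropped twice.
        v.set_len(index);
        let p = v.as_mut_ptr().add(index);
        ptr::copy(p, p.add(n), old_len - index);
        for i in 0..n {
            let item = iter.next().expect("iterator yielded fewer than n items");
            ptr::write(p.add(i), item);
        }
        v.set_len(old_len + n); // restore len only after every slot is initialized
    }
}

/// Constructed test element: counts how many times each id is dropped.
struct Tracked<'a>(usize, &'a [Cell<u32>]);
impl Drop for Tracked<'_> {
    fn drop(&mut self) { self.1[self.0].set(self.1[self.0].get() + 1); }
}

/// Inserts 2 items at index 1 of a 5-element vector; the iterator panics on
/// its second next(). Returns the drop count for ids 0..=5 (id 5 is the new item).
fn drops_after_panicking_insert() -> Vec<u32> {
    let counts: Vec<Cell<u32>> = (0..6).map(|_| Cell::new(0)).collect();
    let mut v: Vec<Tracked> = (0..5).map(|i| Tracked(i, &counts)).collect();
    let mut calls = 0;
    let iter = std::iter::from_fn(|| {
        calls += 1;
        if calls == 2 { panic!("constructed panic in next()"); }
        Some(Tracked(5, &counts))
    });
    let result = catch_unwind(AssertUnwindSafe(|| insert_many_safe(&mut v, 1, iter, 2)));
    assert!(result.is_err());
    // Had len stayed at 5, slots 2 and 4 would both hold id 2 here and this
    // drop would run its destructor twice.
    drop(v);
    counts.iter().map(Cell::get).collect()
}

fn main() { println!("{:?}", drops_after_panicking_insert()); }
```

No id reaches a drop count above 1; the trade-off is that the tail elements and the already-inserted item are leaked when the iterator panics.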

Exploit

Fix

Double Free

Weakness Enumeration

Related Identifiers

CVE-2021-29933
GHSA-29HG-R7C7-54FR
RUSTSEC-2021-0042

Affected Products

Insert Many