PT-2023-36085 · Unknown · Const-Cstr

Published 2023-03-12 · Updated 2023-03-12

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions

const-cstr (affected versions not specified)

Description

The const-cstr crate has been archived and is no longer maintained; its maintainers are unreachable and there is no security policy in place. The crate violates the safety contract of ffi::CStr::from_bytes_with_nul_unchecked, which is used in ConstCStr::as_cstr, because it does not check for interior nul bytes. This can lead to potential security issues. Additionally, the crate may cause runtime panics if compiled and run with untrusted, non-nul-terminated data, potentially creating a Denial of Service (DoS) vector.
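
The check that the unchecked constructor leaves to the caller, written out as an added example using only the Rust standard library (this is not code from const-cstr). The names Reject, validate and c_visible_len are hypothetical, and the byte strings are constructed sample inputs.

```rust
use std::ffi::CStr;

/// Why a byte slice is not a valid C string (type defined for this example).
#[derive(Debug, PartialEq)]
enum Reject {
    InteriorNul { at: usize },
    NotNulTerminated,
}

/// Validate bytes before they cross the FFI boundary: exactly one nul byte,
/// and it must be the last byte. This is the precondition that
/// CStr::from_bytes_with_nul_unchecked assumes the caller has already met.
fn validate(bytes: &[u8]) -> Result<&CStr, Reject> {
    match bytes.iter().position(|&b| b == 0) {
        None => Err(Reject::NotNulTerminated),
        Some(i) if i + 1 != bytes.len() => Err(Reject::InteriorNul { at: i }),
        // Precondition holds; still use the checked std constructor.
        Some(_) => Ok(CStr::from_bytes_with_nul(bytes).expect("validated above")),
    }
}

/// Length a C consumer scanning for the first nul (strlen-style) would see.
/// None means the scan would run past the end of the buffer.
fn c_visible_len(bytes: &[u8]) -> Option<usize> {
    bytes.iter().position(|&b| b == 0)
}

fn main() {
    // Constructed sample inputs: valid, interior nul, missing terminator.
    let samples: [&[u8]; 3] = [b"config.toml\0", b"config\0.toml\0", b"config.toml"];
    for s in samples {
        println!(
            "{:?}: validate = {:?}, C-visible length = {:?}",
            String::from_utf8_lossy(s),
            validate(s),
            c_visible_len(s)
        );
    }
}
```

With an interior nul, the Rust side and the C side disagree about where the string ends; with no terminator, a C-side scan has no in-bounds stopping point. Both cases are rejected here before a CStr is ever constructed.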

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

RUSTSEC-2023-0020

Affected Products

Const-Cstr