Debian Rust-Image vulnerabilities

CVE-2020-35916 [MEDIUM] CVE-2020-35916: rust-image - An issue was discovered in the image crate before 0.23.12 for Rust. A Mutable re... An issue was discovered in the image crate before 0.23.12 for Rust. A Mutable reference has immutable provenance. (In the case of LLVM, the IR may be always correct.) Scope: local bookworm: resolved (fixed in 0.23.14-1) forky: resolved (fixed in 0.23.14-1) sid: resolved (fixed in 0.23.14-1) trixie: resolved (fixed in 0.23.14-1)

CVE-2019-16138 [CRITICAL] CVE-2019-16138: rust-image - An issue was discovered in the image crate before 0.21.3 for Rust, affecting the... An issue was discovered in the image crate before 0.21.3 for Rust, affecting the HDR image format decoder. Vec::set_len is called on an uninitialized vector, leading to a use-after-free and arbitrary code execution. Scope: local bookworm: resolved forky: resolved sid: resolved trixie: resolved