{"ecosystem":"cargo","package":"generic-array","version":null,"bugs":[{"id":4584,"ecosystem":"cargo","package_name":"generic-array","affected_version":"0.13.0","fixed_version":"0.13.3","bug_id":"osv:GHSA-3358-4f7f-p4j4","title":"Use after free in generic-array","description":"An issue was discovered in the generic-array crate before 0.13.3 for Rust. It violates soundness by using the arr! macro to extend lifetimes.","severity":"high","status":"fixed","source":"osv","source_url":"https://nvd.nist.gov/vuln/detail/CVE-2020-36465","labels":["CVE-2020-36465","RUSTSEC-2020-0146"],"created_at":"2026-04-26 03:01:24.001600+00:00","updated_at":"2026-04-26 03:01:24.001600+00:00"},{"id":4585,"ecosystem":"cargo","package_name":"generic-array","affected_version":"0.13.0","fixed_version":"0.13.3","bug_id":"osv:RUSTSEC-2020-0146","title":"arr! macro erases lifetimes","description":"Affected versions of this crate allowed unsoundly extending\nlifetimes using `arr!` macro. This may result in a variety of\nmemory corruption scenarios, most likely use-after-free.","severity":"medium","status":"fixed","source":"osv","source_url":"https://crates.io/crates/generic-array","labels":["CVE-2020-36465","GHSA-3358-4f7f-p4j4"],"created_at":"2026-04-26 03:01:24.004424+00:00","updated_at":"2026-04-26 03:01:24.004424+00:00"}],"total":2,"_cache":"hit"}