Skip to content

Duplicate Advisory: Uncaught Exception in libpulse-binding

Moderate severity GitHub Reviewed Published Aug 25, 2021 to the GitHub Advisory Database • Updated Jan 23, 2026
Withdrawn This advisory was withdrawn on Jan 23, 2026

Package

cargo libpulse-binding (Rust)

Affected versions

< 2.6.0

Patched versions

2.6.0

Description

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-xvcg-2q82-r87j. This link is maintained to preserve external references.

Original Description

Affected versions of this crate failed to catch panics crossing FFI boundaries via callbacks, which
is a form of UB. This flaw was corrected by [this commit][1] which was included in version 2.6.0.

References

Reviewed Aug 18, 2021
Published to the GitHub Advisory Database Aug 25, 2021
Withdrawn Jan 23, 2026
Last updated Jan 23, 2026

Severity

Moderate

EPSS score

Weaknesses

Uncaught Exception

An exception is thrown from a function, but it is not caught. Learn more on MITRE.

CVE ID

No known CVE

GHSA ID

GHSA-wcxc-jf6c-8rx9

Source code

Loading Checking history
See something to contribute? Suggest improvements for this vulnerability.