Integer Overflow Vulnerability in Transpose Crate for Rust
CVE-2023-53156

4.5 MEDIUM

Key Information:

Vendor: Ejmahler

Status
Vendor
CVE Published: 27 July 2025

What is CVE-2023-53156?

The transpose crate for Rust, in versions before 0.2.3, has an integer overflow that can be triggered through manipulated input_width and input_height parameters. An attacker who can influence these values could cause unexpected behavior or potential crashes. Developers using this crate should upgrade to the latest version to mitigate the associated risks.
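The page does not show the affected code, so the following is an added example and not code from the transpose crate. It assumes a size check that multiplies input_width by input_height and compares the product with the buffer length; the function names and the dimensions are constructed for illustration.

```rust
// Added illustration of the bug class; not code from the transpose crate.
// Function names are hypothetical, dimensions are constructed sample values.

/// Size check as it behaves in a release build, where `*` on usize wraps
/// silently. wrapping_mul models that so a debug build does not panic here.
fn dims_match_wrapping(len: usize, input_width: usize, input_height: usize) -> bool {
    input_width.wrapping_mul(input_height) == len
}

/// Hardened check: a product that does not fit in usize is rejected outright,
/// so it can never be mistaken for a valid buffer length.
fn dims_match_checked(len: usize, input_width: usize, input_height: usize) -> bool {
    match input_width.checked_mul(input_height) {
        Some(area) => area == len,
        None => false,
    }
}

/// Constructed dimensions whose true product exceeds usize::MAX but wraps to 4.
/// (2^(BITS-1) + 2) * 2 = 2^BITS + 4, which truncates to 4 on any pointer width.
fn wrapping_dims() -> (usize, usize) {
    ((1usize << (usize::BITS - 1)) + 2, 2)
}

fn main() {
    let buf = [0u8; 4];
    let (w, h) = wrapping_dims();

    // Honest 2x2 matrix in a 4-element buffer: both checks accept it.
    println!(
        "2x2      wrapping={} checked={}",
        dims_match_wrapping(buf.len(), 2, 2),
        dims_match_checked(buf.len(), 2, 2)
    );

    // Overflowing dimensions: the wrapping check is fooled, the checked one is not.
    println!(
        "overflow wrapping={} checked={}",
        dims_match_wrapping(buf.len(), w, h),
        dims_match_checked(buf.len(), w, h)
    );
}
```

Callers that cannot upgrade immediately can apply the same checked_mul validation to untrusted dimensions before passing them to the crate.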

Affected Version(s)

transpose 0 < 0.2.3

CVSS V3.1

Score: 4.5
Severity: MEDIUM
Confidentiality: None
Integrity: Low
Availability: None
Attack Vector: Local
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved
