Out-of-bounds Read
| Property | |
|---|---|
| Language | csharp |
| Severity |  |
| CWE | CWE-125: Out-of-bounds Read |
| OWASP | A04:2021 - Insecure Design |
| Confidence Level | Low |
| Impact Level | Medium |
| Likelihood Level | Low |
Description#
Using MemoryMarshal.CreateSpan or CreateReadOnlySpan with an unchecked length can lead to reading outside the bounds of the underlying data. This happens because these methods do not verify that the specified length is valid.
Impact#
If exploited, this can cause your application to access unintended memory, potentially exposing sensitive data or causing crashes. Attackers might leverage this to leak information or destabilize your system, leading to security breaches or reliability issues.