Insecure Deserialization and Memory-Based Confusion Attacks in Boost Serialization

An issue was discovered in Boost Serialization v1.89.0 and below. Insecure deserialization of untrusted input under certain conditions may lead to type confusion and ownership confusion, *-- redacted --*.

*-- details redacted temporarily, discussion with maintainers ongoing --*