crates.io package
rand_core
pkg:cargo/rand_core
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-27378 | — | >= 0.6.0, < 0.6.2 | 0.6.2 | Feb 18, 2021 | An issue was discovered in the rand_core crate before 0.6.2 for Rust. Because read_u32_into and read_u64_into mishandle certain buffer-length checks, a random number generator may be seeded with too little data. | ||
| CVE-2020-25576 | — | >= 0.4.0, < 0.4.2 | 0.4.2 | Sep 14, 2020 | An issue was discovered in the rand_core crate before 0.4.2 for Rust. Casting of byte slices to integer slices mishandles alignment constraints. |
- CVE-2021-27378Feb 18, 2021affected >= 0.6.0, < 0.6.2fixed 0.6.2
An issue was discovered in the rand_core crate before 0.6.2 for Rust. Because read_u32_into and read_u64_into mishandle certain buffer-length checks, a random number generator may be seeded with too little data.
- CVE-2020-25576Sep 14, 2020affected >= 0.4.0, < 0.4.2fixed 0.4.2
An issue was discovered in the rand_core crate before 0.4.2 for Rust. Casting of byte slices to integer slices mishandles alignment constraints.