crates.io package
truetype
pkg:cargo/truetype
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-28030 | — | < 0.30.1 | 0.30.1 | Mar 5, 2021 | An issue was discovered in the truetype crate before 0.30.1 for Rust. Attackers can read the contents of uninitialized memory locations via a user-provided Read operation within Tape::take_bytes. |
- CVE-2021-28030Mar 5, 2021affected < 0.30.1fixed 0.30.1
An issue was discovered in the truetype crate before 0.30.1 for Rust. Attackers can read the contents of uninitialized memory locations via a user-provided Read operation within Tape::take_bytes.