An issue was discovered in the rand_core crate before 0.6.2 for Rust. Because read_u32_into and read_u64_into mishandle certain buffer-length checks, a random number generator may be seeded with too little data.
CPE | Name | Operator | Version |
---|---|---|---|
rand | eq | rand_distr-0.4.0 | |
rand | eq | rand_chacha-0.3.0 | |
rand | eq | rand_pcg-0.3.0 | |
rand | eq | 0.8.2 | |
rand | eq | rand_core-0.6.1 | |
rand | eq | 0.8.1 | |
rand | eq | 0.8.0 | |
rand | eq | rand_core-0.6.0 | |
rand | eq | rand_hc-0.3.0 | |
rand | eq | 0.8.3 |